We're releasing a fix today that changes API access to flows with steps involving sensitive data. Going forward, sensitive data scopes will be required to access or modify flows that include sensitive data.
For accessing flows:
crm.objects.{object type}.sensitive.read scope, depending on the object type(s) used in the flowcrm.objects.{object type}.sensitive.write scope, depending on the object type(s) used in the flow
For record enrollment:
crm.objects.{object type}.sensitive.read} scope, depending on the object type(s) used in the flowcrm.objects.{object type}.sensitive.write scope, depending on the object type(s) used in the flow
Please note that automation will not support any data that is marked as highly sensitive. Please see our developer documentation for sensitive data for more details.
This change is going into effect immediately, and will affect all versions of the Workflows API. If your app works with flows and requires access to sensitive data, you'll need to update the scope settings for your app to include the sensitive access scopes. If you have a public app that doesn't already request these scopes, you may need to have HubSpot users reinstall your app with the additional scopes to be able to access flows working with sensitive data.
Please let us know if you have any questions by joining the discussion in our community.