Skip to content
HubSpot Developer Changelog

Sunset of JWT SSO Setup for Private Content


What's Changing?

On January 29th, 2025 we are deprecating the ability to set up Single Sign-On (SSO) for JWT-based applications. Moving forward, we will be replacing this functionality with the OpenID Connect (OIDC) standard1. If you are already using JWT SSO, this is not applicable to you and your setup will continue to work.  

Who Is Affected?

  • Customers without existing JWT SSO setups: This change applies to you. You will no longer be able to configure SSO using JWT for new applications.
  • Customers already using JWT SSO for private content: This change will NOT impact you. Your existing JWT SSO configurations will continue to function as they currently do.

Why Are We Making This Change?

The current method for setting up SSO with JWT-based applications involves a highly bespoke implementation, which can require significant development effort and expertise. By transitioning to the OpenID Connect standard, we aim to:

  • Simplify SSO Configuration: Reduce the development work required to properly configure SSO.
  • Enhance Security: Leverage the robust security features inherent in the OpenID Connect standard.
  • Improve Compatibility: Provide a standardized method that is widely supported and compatible with various identity providers.

How Does This Affect You?

  • For New SSO Setups:
    • In the future, you will need to implement SSO using the OpenID Connect standard or Security Assertion Markup Language.
    • JWT-based SSO setup will no longer be available for new applications.
  • For Existing JWT SSO Users:
    • No immediate action is required.
    • Your current JWT SSO configurations will remain functional.
    • You may consider transitioning to OpenID Connect in the future to take advantage of its benefits.

When is this happening

We will no longer allow JWT SSO setup starting January 29th, 2025.  

 

Questions or comments?

Please join the peer-to-peer developer community forum.

 

1.  This record includes updates regarding current development efforts for our existing or new products or services. These updates are not intended to be a promise or guarantee of future availability of products, services, or features but merely reflect our current plans based on factors currently known to us. They also are not intended to indicate when or how particular features will be offered or at what service tier(s) or price. These planned and future development efforts may change without notice.