Authentication methods on HubSpot
HubSpot's APIs allow two means of authentication: OAuth and API keys. While most endpoints support both methods (unless the documentation for a specific endpoint says otherwise), OAuth is generally recommended. API keys are good for rapid prototyping or integrations designed for single-account use, but any integration designed for multi-customer use or listing on the App Marketplace must be built as an app using HubSpot’s OAuth protocol.
Examples:
Here are two almost identical cURL requests to this endpoint. The only difference is the authentication method.
OAuth 2.0, which uses an access token in the Authorization header:
/~curl --header "Authorization: Bearer C4d***sVq"
https://api.hubapi.com/crm/v3/objects/contacts?limit=10&archived=false
API key, which is added to the URL using the hapikey=
query parameter:
/~curl 'https://api.hubapi.com/crm/v3/objects/contacts?limit=10&archived=false&hapikey=456***cfa'
Ready to authenticate your integration? Get started by creating a developer account. From there, you can build an app and authenticate it using OAuth, get your developer account API key, or create a test account (which has its own API key).