User Provisioning

This doc describes the process for managing users using the public users API. See our endpoints tab for detailed descriptions of all the available endpoints.

This API can be used to manage the users on an account and manage the roles of those users.

Specifying a User

When specifying a user with the userId path parameter, you can either use the user's id or the user's email. Specifying based on the user's id is the default behavior but if you want to use the user's email, you can use the query parameter idProperty to set that.

The following GET request is fetching a user with the email

You can set the idProperty query param in any endpoint that takes in userId as a path param



HubSpot accounts can define roles to easily manage multiple users' permissions at once. Once you've created a role and specified certain permissions for it, you can then assign new and existing users the role to grant them the same permissions. Roles that have paid seats attached to them can only be modified by applications that have the billing-write scope.

The following is an example of a role definition:

"id": "1234"
"name": "my cool role"
"requiresBillingWrite": false

Note that roles must be created in the app before attempting to assign them to users.


In order to use the User Provisioning API you must use OAuth 2.0 or your app's access token, if you're creating a private app.

Was this page helpful? *
This form is for feedback on our developer docs. If you have feedback on the HubSpot product, please share it in our Idea Forum instead.