Skip to main content

When building with the developer projects framework, private apps enable you to authenticate data fetch requests using their private app access token. Private apps can only be installed into the account where they're defined, versus public apps which are installed into multiple accounts through an OAuth flow.

In your project's structure, a private app is stored in a folder that contains an app.json configuration file, and will also contain extension and serverless function files needed by the app. A project can contain multiple apps, and each app can contain multiple UI extensions.

In this guide, learn how to create a private app in a project and view it in HubSpot. Then, you can create a UI extension within the app to customize the CRM UI, or build CMS React modules.

To create a private app in a project, you'll first need to install the HubSpot CLI. To get started with HubSpot projects, you can also check out the quickstart guide.

To create a private app within your project:

  • Within the src folder of your project directory, create a folder for your app.
  • Within the app folder, create an app.json file. This file will contain your app definitions.
  • Copy the following code into your app.json file:
ParameterTypeDescription
nameStringA unique name for the app.
descriptionStringThe app's description.
scopesArrayThe app's allowed scopes. At least one scope is required.
uidStringThe app's uniquely identifying name. This can be any string, but should meaningfully identify the app. HubSpot will identify the app by this ID so that you can change the app's name locally or in HubSpot without removing historical or stateful data, such as logs.
publicBooleanSet to false for private apps.
extensionsObjectContains the extensions included in the app. For app cards, include a crm object, followed by a cards array that contains a file field that references the card's JSON configuration file. If you have not yet defined your extension, you can leave this object empty.

Within the private app, you'll add a serverless function to serve as your UI extension's back end. Serverless function files are stored in a separate folder within the app folder.

In the app directory, create a .functions directory with the following files:

  • serverless.json

  • package.json

  • example-function.js

    Screenshot 2023-08-31 at 4.23.46 PM

The example code below will get you started, but check out the serverless functions guide to learn more about authenticating calls, managing secrets, debugging, and more.

ParameterTypeDescription
appFunctionsObjectThe object that contains definitions for each serverless function.
myFuncObjectThe object containing the name of the serverless function file along with any secrets needed for authenticating requests in the secrets array.myFunc can be any value. You'll later reference this name when running the function in your React front end.

With your app defined and your serverless function configured, upload the project to HubSpot using the hs project upload command.

On upload, the build will be triggered and HubSpot will validate your project files and provision any needed resources. By default, HubSpot will automatically deploy successful builds. Alternatively, you can link a GitHub repository to the project to automatically trigger a new build when you push a change to the project files in GitHub.

With your app uploaded, learn how to view it in HubSpot below. Then, create a UI extension in the app to customize CRM records with various UI components.

If you're a Super admin, you can access and manage private apps in your HubSpot account, including viewing your apps, their build history, and the access token required to make API calls.

To view a private app's details in HubSpot:

  • In your HubSpot account, navigate to CRM Development.
  • In the left sidebar menu, navigate to Private apps.
  • Click the name of the private app.

You'll then be taken to the app's home page where you can view and manage its access token, view request logs and included extensions, and delete the app. Learn more about each tab below.

On the Overview tab, review high-level information about the app's API calls and extension requests and responses.

private-app-overview-tab

On the Auth tab, view authentication-related information, such as the private app's access token and scopes. You can also delete the app from this page.

private-app-auth-tab

On the Logs tab, view detailed information about the app's various calls and events. The tabs under the Logs tab break down different types of events that occur while the app is running, and are helpful for debugging errors that your app might run into. Learn more about serverless function debugging.

  • API calls: click the API calls tab to view logs for API calls made by the app.
  • Endpoint functions: click the Endpoint functions tab to view logs for serverless endpoint functions included in the app. You can view further event details by clicking an event row. Log details will be displayed in a panel on the right, and will include a View log trace link that you can click to view the log track, along with a Trade ID that you can copy for use on the Log Traces tab.
  • Serverless functions: click the Serverless functions tab to view logs for serverless app functions included in the app. You can view further event details by clicking an event row. Log details will be displayed in a panel on the right, and will include a View log trace link that you can click to view the log track, along with a Trade ID that you can copy for use on the Log Traces tab.
  • Extensions: click the Extensions tab to view React top-level event logs, such as a UI extension successfully loading. Click an event row to view log details, including the user who initialized the request. Log details will also include a View log trace link that you can click to view the log trace, along with a Trace ID that you can copy for use on the Log Traces tab.
  • Security: click the Security tab to view security-related events, such as private app access token viewing and rotating.

in-app-logs-tab-private-app

As an example, say your app is running into an error when trying to retrieve company proximity information through a serverless function. You can click the Logs tab, then click the Serverless functions tab. Then, you can click the errored request to view the log output in the right panel. In the panel, you can then click View log trace for more information.

view-serverless-app-function-logs

Alternatively, you can click Copy Trace ID in the log output panel, then use the ID in the Log Traces tab.

copy-trace-id-for-log-tracing

On the Log Traces tab, view log traces by trace ID, which you can retrieve from log outputs on the Logs tab. Log tracing enables you to trace front-end and back-end logs with a single ID, making it easier to debug issues happening in production.

You can also retrieve log IDs on CRM record pages where an extension has failed to load. This can be especially useful if your extension includes custom log messages. logger-debug-on-crm-record

private-app-log-traces-output

On the Extensions tab, view information about the extensions that are included in the app.

private-app-extensions-tab