topic Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag in Developer Announcements

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

rhenry — Thu, 20 Feb 2020 19:20:25 GMT

What’s happening

The usage of API keys for the Transactional Email SMTP endpoints listed below is being sunset.

We’re ending API key usage for these 3 endpoints only starting today unless your account has accessed these endpoints in the past 6 months.

We’ll be contacting all HubSpot accounts that have used API keys to access these particular endpoints only in the last 6 months with more details and a plan for updating their integrations.

This is being done to increase the security, privacy and protection of our email sending platform. Customers must use OAuth to authenticate using these endpoints moving forward.

When is this happening?

Wednesday, February 19, 2020

If you have any questions or concerns, please join the discussion here.

Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag

sauntimo — Thu, 20 Feb 2020 16:35:37 GMT

If you're going to sunset a feature, it would be really useful to prominently display a timescale by which we are expected to transition to the new method - telling us it's happening but not saying when makes it very difficult to prioritise the dev work required to respond to this 😞

I'm... I'm assuming that API keys didn't actually die yesterday as the only date on your post suggests? Because that's not sunsetting, that's axeing.

Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag

rhenry — Thu, 20 Feb 2020 19:25:08 GMT

Hi @sauntimo

Thank you very much for your feedback and questions.

I have updated the forum post with more detail so it's a little clearer for our community. Thank you for pointing that out to us.

We have ended API key usage yesterday for the 3 SMTP endpoints listed above only.

This means that any customer accessing those endpoints today will have to authenticate using OAuth.

However, if you are a customer who has accessed those endpoints in the last 6 months we’ve reached out to you separately to discuss a plan to move you to the new authentication method.

If you have any follow up questions or concerns about your account in particular please don’t hesitate to send me a direct message on here and I can assist you.

Many thanks,

Rahmona

Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag

sauntimo — Fri, 21 Feb 2020 08:34:35 GMT

Thanks for clarifying, much appreciated.

Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag

BVMcDevitt — Mon, 24 Feb 2020 15:02:13 GMT

One of the main use cases we purchased your transactional add-on for is to act as an SMTP server for our Subscription Billing Tool. That tool's SMTP config allows for us to enter a Server Address, Username, Static Password and Port number. It does not allow for the ability to actively retrieve and refresh tokens as is necessary with OAuth. Is Hubspot's stance that the will no longer support a standard SMTP integration such as this?

Re: Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usag

Willson — Tue, 25 Feb 2020 13:28:47 GMT

Hi @BVMcDevitt

We're currently investigating this with our Engineers internally and will revert with an update as soon as we can.

Thanks!