Convert our api integration using API key to 0Auth 2.0

johnjohn · ‎Jul 1, 2020

I have implemented many integrations with hubspot API using api key (less secure) approach, for example inside my asp.net c# application i have the following code to integrate with hubspot api to get the companies:-

 {
    wc.Encoding = Encoding.UTF8;
    string url = "https://api.hubapi.com/companies/v2/companies/paged?hapikey=3*****ff&properties=website&properties=mse_scan&properties=phone&limit=" + Program.apilimit.ToString() + "&offset=" + offset;
    string tempurl = url.Trim();
    string json = wc.DownloadString(tempurl);
    ipfd = JsonConvert.DeserializeObject<Marketing>(json);
    offset = ipfd.offset;
    hasmore = ipfd.hasmore;
}

now i want to convert the api key appraoch to 0Auth 2.0. so i did the following steps:-

1) create a new developer account.

2) i get the app id and client secret.

but not sure what i need to modifiy inside my above code to implement the 0Auth 2.0?

Willson · ‎Jul 2, 2020

Hey @johnjohn

I've found a resource here that may assist, take a look here. This documents a .NET wrapper and runs through how to make the authentication request using OAuth.

I hope this helps!

Product Manager @ HubSpot

View solution in original post

HenryCipolla · ‎Jul 5, 2020

Hi JohnJohn,

OAuth involves more than just tweaking the existing API request. You need to get an access token from HubSpot that you can include in the header of your API requests. To do this you need to go through a multipart handshake in which you request a token and a secret for a given set of scopes, and provide a callback. Then you send the user to HubSpot so they can auth and your callback gets called when they are done. Then you use the authorization code you get back to request an access token which you use to validate API requests. You will also need to manage keeping the token refreshed.

This is why people usually prefer to use a wrapper that handles all of this for them. For example, I've had success with JSO.

If you want to roll it yourself, that's also feasible but it's a bit of work. I recommend starting with Digital Ocean's guide on Oauth2.

View solution in original post

Willson · ‎Jul 2, 2020

Hey @johnjohn

I've found a resource here that may assist, take a look here. This documents a .NET wrapper and runs through how to make the authentication request using OAuth.

I hope this helps!

Product Manager @ HubSpot

johnjohn · ‎Jul 2, 2020

@Willson thanks for the reply, but i prefer to wirte my own OAuth code , instead of using a wrapper? any advice?

HenryCipolla · ‎Jul 5, 2020

Hi JohnJohn,

OAuth involves more than just tweaking the existing API request. You need to get an access token from HubSpot that you can include in the header of your API requests. To do this you need to go through a multipart handshake in which you request a token and a secret for a given set of scopes, and provide a callback. Then you send the user to HubSpot so they can auth and your callback gets called when they are done. Then you use the authorization code you get back to request an access token which you use to validate API requests. You will also need to manage keeping the token refreshed.

This is why people usually prefer to use a wrapper that handles all of this for them. For example, I've had success with JSO.

If you want to roll it yourself, that's also feasible but it's a bit of work. I recommend starting with Digital Ocean's guide on Oauth2.

APIs & Integrations