APIs & Integrations

Search APIs & Integrations for solutions or ask a question
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
IntegrationDev

‎Apr 11, 2022 11:57 AM

Contributor

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

SOLVE

Hello,

 

Over the past year (since this post), have any options opened up for using OAuth2 with HubSpot without passing a client secret?

I'm working on an integration to HubSpot that is client hosted in a scenario somehwat similar to a single-page application (SPA).

 

Storing/using a client secret in this scenario is not ideal. It would be much better to use OAuth2's Authorization Code Flow with Proof Key for Code Exchange (PKCE), which avoids the need for that secret.

 

Hoping there's an option to do this. 🙂

 

In worse case, I may have to fall back to using private app registrations, but that may preclude my integration from being listed in the App Marketplace. 😞

 

Thank you!

oAuth
0 Upvotes
2 Accepted solutions
dennisedson
Solution
HubSpot Product Team

‎Apr 18, 2022 1:38 PM

HubSpot Product Team

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

SOLVE

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

View solution in original post

0 Upvotes
IntegrationDev
Solution

‎Apr 20, 2022 9:29 AM

Contributor

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

SOLVE

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

View solution in original post

2 Replies 2
dennisedson
Solution
HubSpot Product Team

‎Apr 18, 2022 1:38 PM

HubSpot Product Team

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

SOLVE

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

0 Upvotes
IntegrationDev
Solution

‎Apr 20, 2022 9:29 AM

Contributor

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

SOLVE

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???
Developers
Apr 20, 2022