APIs & Integrations

Buscar soluciones en APIs & Integrations o hacer una pregunta
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
IntegrationDev

‎abr 11, 2022 11:57 AM

Colaborador

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

resolver

Hello,

 

Over the past year (since this post), have any options opened up for using OAuth2 with HubSpot without passing a client secret?

I'm working on an integration to HubSpot that is client hosted in a scenario somehwat similar to a single-page application (SPA).

 

Storing/using a client secret in this scenario is not ideal. It would be much better to use OAuth2's Authorization Code Flow with Proof Key for Code Exchange (PKCE), which avoids the need for that secret.

 

Hoping there's an option to do this. 🙂

 

In worse case, I may have to fall back to using private app registrations, but that may preclude my integration from being listed in the App Marketplace. 😞

 

Thank you!

oAuth
0 Me gusta
2 Soluciones aceptadas
dennisedson
Solución
Equipo de producto de HubSpot

‎abr 18, 2022 1:38 PM

Equipo de producto de HubSpot

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

resolver

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

Ver la solución en mensaje original publicado

0 Me gusta
IntegrationDev
Solución

‎abr 20, 2022 9:29 AM

Colaborador

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

resolver

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

Ver la solución en mensaje original publicado

2 Respuestas 2
dennisedson
Solución
Equipo de producto de HubSpot

‎abr 18, 2022 1:38 PM

Equipo de producto de HubSpot

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

resolver

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

0 Me gusta
IntegrationDev
Solución

‎abr 20, 2022 9:29 AM

Colaborador

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

resolver

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???
Thank you, @dennisedson! Done.   Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key-for-Cod...
Thank you, @dennisedson! Done.   Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key-for-Cod...
Developers
Apr 20, 2022