APIs & Integrations

Rechercher APIs & Integrations pour des solutions ou poser une question
annuler
Activer les suggestions
La fonction de suggestion automatique permet d'affiner rapidement votre recherche en suggérant des correspondances possibles au fur et à mesure de la frappe.
Affichage des résultats de 
Rechercher plutôt 
Vouliez-vous dire : 
IntegrationDev

‎avr. 11, 2022 11:57 AM

Contributeur

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

Résolue

Hello,

 

Over the past year (since this post), have any options opened up for using OAuth2 with HubSpot without passing a client secret?

I'm working on an integration to HubSpot that is client hosted in a scenario somehwat similar to a single-page application (SPA).

 

Storing/using a client secret in this scenario is not ideal. It would be much better to use OAuth2's Authorization Code Flow with Proof Key for Code Exchange (PKCE), which avoids the need for that secret.

 

Hoping there's an option to do this. 🙂

 

In worse case, I may have to fall back to using private app registrations, but that may preclude my integration from being listed in the App Marketplace. 😞

 

Thank you!

oAuth
0 Votes
2 Solutions acceptées
dennisedson
Solution
Équipe de développement de HubSpot

‎avr. 18, 2022 1:38 PM

Équipe de développement de HubSpot

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

Résolue

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

Voir la solution dans l'envoi d'origine

0 Votes
IntegrationDev
Solution

‎avr. 20, 2022 9:29 AM

Contributeur

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

Résolue

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

Voir la solution dans l'envoi d'origine

2 Réponses
dennisedson
Solution
Équipe de développement de HubSpot

‎avr. 18, 2022 1:38 PM

Équipe de développement de HubSpot

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

Résolue

@IntegrationDev 

Apologies for the delayed response.  The answer in that post still holds true 😥

I would suggest creating an idea and posting the idea link on this thread for anyone else looking for this functionality to upvote it.

0 Votes
IntegrationDev
Solution

‎avr. 20, 2022 9:29 AM

Contributeur

OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???

Résolue

Thank you, @dennisedson! Done.

 

Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key...

Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
OAuth2 without a client secret? - OAuth2 Authorization Code w/PKCE Flow???
Thank you, @dennisedson! Done.   Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key-for-Cod...
Thank you, @dennisedson! Done.   Here's the link to the Idea proposing this change: https://community.hubspot.com/t5/HubSpot-Ideas/OAuth2-Support-Authorization-Code-Flow-with-Proof-Key-for-Cod...
Developers
Apr 20, 2022