Public Apps vs Private Apps for leaving notes and Extensions API

thecoolcoder · ‎Oct 19, 2022

I have a custom CRM card in the right sidebar that is made with the Extsnsions API, and this functionality also leaves notes in the TImeline. The deprecation of API keys in November 2022 says that Timeline events require a Public App authentication token. I have also seen it posted that Extensions API requires Public Apps token.

I have this integration on only one instance and do not intend to make it show on others. I have a Private Apps token that I can use for this if Public Apps is not needed to leave notes on timeline and make Extensions API CRM card. Is anyone for certain that Public Apps token is needed in this case?

tjoyce · ‎Oct 24, 2022

I was under the impression that CRM extension cards also required the OAuth2 Authentication.

Yes, @thecoolcoder - You will need to set up the OAuth.

The last time I did this, I blocklisted all portals from connecting and then put a allowlisted portal id into an env file to make sure that was the only portal that could connect to the app.

Jaycee_Lewis · ‎Oct 21, 2022

Hey, @thecoolcoder 👋 Thanks for reaching out. Can you copy + paste the quotes you are referring to, please? I just want to make sure I'm understanding 100%.

For the Timeline Events API, it utilizes your Developer API key, which is separate from your HAPI. Developer API keys are not part of the upcoming sunset.

For the CRM Extensions API, @tjoyce @JBeatty @Gonzalo, have you tinkered with anything similar?

Thank you for taking a look! — Jaycee

Jaycee Lewis

Developer Community Manager

Community | HubSpot

APIs & Integrations