APIs & Integrations

Search APIs & Integrations for solutions or ask a question
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
andrewb1

‎Nov 28, 2017 4:51 AM

Member

Should the refresh token be the same for different installs

I am integrating with Hubspot through a web application and I make a web request with the necessary data fields to get the oauth code,

Something like: https://app.hubspot.com/oauth/authorize?client_id=123&scope=contacts&redirect_uri=myurl.com

I then use the returned code to get the access token and refresh token, etc

What I am seeing is I have 2 different “accounts” - accounts in our separate web application, installed in the same Hubspot portal (one was uninstalled and then replaced by a fresh install) and both have the same refresh token

I think I know the answer but is this expected behaviour? Is it because the hubspot portal I am installing into and the install url are the same? So in reality the refresh token would be different?

Thanks,
Andrew

oAuth
0 Upvotes
1 Reply 1
Derek_Gervais
HubSpot Alumni

‎Nov 28, 2017 10:21 AM

HubSpot Alumni

Should the refresh token be the same for different installs

Hi @andrewb,

If an integration is uninstalled from a portal, the refresh token is invalidated; if an integration is re-authed without being uninstalled, the refresh token remains valid (and remains the same). This means that if you go through the authentication twice without uninstalling the app, you’ll get the same refresh token. If you install, then uninstall, then reinstall the app, you should get two different refresh tokens.

0 Upvotes
Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
Should the refresh token be the same for different installs
Developers
Nov 28, 2017