We use cookies to make HubSpot's community a better place. Cookies help to provide a more personalized experience and relevant advertising for you, and web analytics for us. To learn more, and to see a full list of cookies we use, check out our Cookie Policy (baked goods not included).

Allow cookies

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

rhenry
HubSpot Moderator
HubSpot Moderator

‎Feb 19, 2020 10:45 AM - edited ‎Feb 20, 2020 2:20 PM

What’s happening

The usage of API keys for the Transactional Email SMTP endpoints listed below is being sunset.

 

Create SMTP API Tokens

List SMTP API Tokens

SMTP API Tokens - Password Reset

 

We’re ending API key usage for these 3 endpoints only starting today unless your account has accessed these endpoints in the past 6 months. 

 

We’ll be contacting all HubSpot accounts that have used API keys to access these particular endpoints only in the last 6 months with more details and a plan for updating their integrations.

 

This is being done to increase the security, privacy and protection of our email sending platform. Customers must use OAuth to authenticate using these endpoints moving forward.

 

When is this happening?

Wednesday, February 19, 2020

 

If you have any questions or concerns, please join the discussion here. 

Rahmona Henry
Announcements Email OAuth
Reply
5 Replies 5
sauntimo
Occasional Contributor

‎Feb 20, 2020 11:33 AM - edited ‎Feb 20, 2020 11:35 AM

If you're going to sunset a feature, it would be really useful to prominently display a timescale by which we are expected to transition to the new method - telling us it's happening but not saying when makes it very difficult to prioritise the dev work required to respond to this 😞

 

I'm... I'm assuming that API keys didn't actually die yesterday as the only date on your post suggests? Because that's not sunsetting, that's axeing.

Reply
0 Upvotes
rhenry
HubSpot Moderator
HubSpot Moderator

‎Feb 20, 2020 2:25 PM

Hi @sauntimo 
 
Thank you very much for your feedback and questions.
 
I have updated the forum post with more detail so it's a little clearer for our community. Thank you for pointing that out to us. 
 
We have ended API key usage yesterday for the 3 SMTP endpoints listed above only.
This means that any customer accessing those endpoints today will have to authenticate using OAuth.
 
However, if you are a customer who has accessed those endpoints in the last 6 months we’ve reached out to you separately to discuss a plan to move you to the new authentication method.
 
If you have any follow up questions or concerns about  your account in particular please don’t hesitate to send me a direct message on here and I can assist you.
 
Many thanks, 
Rahmona
Rahmona Henry
Reply
0 Upvotes
sauntimo
Occasional Contributor

‎Feb 21, 2020 3:34 AM

Thanks for clarifying, much appreciated.

Reply
BVMcDevitt
New Contributor

‎Feb 24, 2020 9:47 AM - edited ‎Feb 24, 2020 10:02 AM

One of the main use cases we purchased your transactional add-on for is to act as an SMTP server for our Subscription Billing Tool. That tool's SMTP config allows for us to enter a Server Address, Username, Static Password and Port number. It does not allow for the ability to actively retrieve and refresh tokens as is necessary with OAuth. Is Hubspot's stance that the will no longer support a standard SMTP integration such as this?

Reply
0 Upvotes
Willson
HubSpot Moderator
HubSpot Moderator

‎Feb 25, 2020 8:28 AM

Hi @BVMcDevitt 

 

We're currently investigating this with our Engineers internally and will revert with an update as soon as we can.

 

Thanks!

Matthew Willson

HubSpot Developer Support
Reply
0 Upvotes
Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage
Developers
Feb 25, 2020