Developer Announcements

rhenry
HubSpot Employee
HubSpot Employee

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

What’s happening

The usage of API keys for the Transactional Email SMTP endpoints listed below is being sunset.

 

Create SMTP API Tokens

List SMTP API Tokens

SMTP API Tokens - Password Reset

 

We’re ending API key usage for these 3 endpoints only starting today unless your account has accessed these endpoints in the past 6 months. 

 

We’ll be contacting all HubSpot accounts that have used API keys to access these particular endpoints only in the last 6 months with more details and a plan for updating their integrations.

 

This is being done to increase the security, privacy and protection of our email sending platform. Customers must use OAuth to authenticate using these endpoints moving forward.

 

When is this happening?

Wednesday, February 19, 2020

 

If you have any questions or concerns, please join the discussion here. 

Rahmona Henry
5 Réponses
BVMcDevitt
Membre

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

One of the main use cases we purchased your transactional add-on for is to act as an SMTP server for our Subscription Billing Tool. That tool's SMTP config allows for us to enter a Server Address, Username, Static Password and Port number. It does not allow for the ability to actively retrieve and refresh tokens as is necessary with OAuth. Is Hubspot's stance that the will no longer support a standard SMTP integration such as this?

0 Votes
Willson
HubSpot Employee
HubSpot Employee

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

Hi @BVMcDevitt 

 

We're currently investigating this with our Engineers internally and will revert with an update as soon as we can.

 

Thanks!

Product Manager @ HubSpot
0 Votes
sauntimo
Membre

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

If you're going to sunset a feature, it would be really useful to prominently display a timescale by which we are expected to transition to the new method - telling us it's happening but not saying when makes it very difficult to prioritise the dev work required to respond to this 😞

 

I'm... I'm assuming that API keys didn't actually die yesterday as the only date on your post suggests? Because that's not sunsetting, that's axeing.

0 Votes
rhenry
HubSpot Employee
HubSpot Employee

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

Hi @sauntimo 
 
Thank you very much for your feedback and questions.
 
I have updated the forum post with more detail so it's a little clearer for our community. Thank you for pointing that out to us. 
 
We have ended API key usage yesterday for the 3 SMTP endpoints listed above only.
This means that any customer accessing those endpoints today will have to authenticate using OAuth.
 
However, if you are a customer who has accessed those endpoints in the last 6 months we’ve reached out to you separately to discuss a plan to move you to the new authentication method.
 
If you have any follow up questions or concerns about  your account in particular please don’t hesitate to send me a direct message on here and I can assist you.
 
Many thanks, 
Rahmona
Rahmona Henry
0 Votes
sauntimo
Membre

Restrict Transactional Email SMTP endpoints to OAuth authentication only and sunset API key usage

Thanks for clarifying, much appreciated.