Work with us

We’re always looking for ambitious businesses who understand the world is changing, and are driven to adapt and thrive. Take the next step and book a call with our team.

Work with us

We’re always looking for ambitious businesses who understand the world is changing, and are driven to adapt and thrive. Take the next step and book a call with our team.

Join Our Team

Are you a motivated individual, looking to challenge yourself and make a positive impact on the business world? Take a look at our vacancies.

Remember, remember, the 30th of November. It’s the deadline for using HubSpot API keys — after the 30th, businesses will need a different solution for authenticating and authorizing apps and custom integrations.

As a part of HubSpot’s continuous efforts to boost cybersecurity and protect customer data, HubSpot is phasing out API keys. We explore what all this means for non-technical readers. But first, here’s a summary of who this affects and how organizations can adapt to this change:

HubSpot is removing API keys — who does this impact?

Any HubSpot account utilizing custom integrations might be affected by this change. This is because API keys are in common usage as there are only a few methods used to authenticate HubSpot apps and custom integrations, and API keys are the quickest and easiest to set up of the available methods. 

For this reason, anyone using custom integrations should review how it’s built and make appropriate adjustments. 

What do I need to do?

Once API keys are phased out, HubSpot will no longer authenticate custom integrations or apps that still use API keys. This means that these apps and integrations will no longer be able to communicate with HubSpot and will likely stop working as intended. 

Preventing this requires migrating integrations from API key authentication to either HubSpot Private Apps or HubSpot Public Apps using OAuth 2.0. For peace of mind and a seamless migration process, consider contacting the experts

When is the deadline?

Starting November 30, 2022, all customers will no longer have access to API keys or API key-based authentication.

Phew, now that we’ve gotten the nitty-gritty details, we can focus on explaining key terms and concepts, like what an API is and why we may need keys for them.

What are HubSpot API keys?

For the non-developers in the room, Application Programming Interfaces (APIs) provide a way for two or more different computer programs to speak to each other. Along with defining how pieces of software interact with each other, APIs control requests made between programs, how those requests are made, and the data formats used. This is such a necessary function that you could say the entire internet is stitched together using APIs. 

HubSpot’s API enables developers to build custom integrations and apps that help you get the most value out of HubSpot. This is a powerful feature but if bad actors were to gain access to your HubSpot account’s API, then they could retrieve and interact with sensitive business and customer data. 

HubSpot API keys improve account security by identifying and authorizing projects and applications and limiting API access to those with an API key. So if a developer has the secret code (HubSpot API key), then they can send requests to the HubSpot API. But if you don’t have the secret code, then you’re locked out of the castle with no way of getting in. 

The downside to using API keys is that they function like passwords. If a hacker were to get their hands on your API key, then they might exploit it to access data like personal information. Keeping your API key safe requires vigilance from every person with access to it. As a recent CloudSek study shows, data leaks are bound to occur when having faith in people is a crucial feature of your cybersecurity strategy. The digital risk company discovered that the data of over 1.6 million users has been compromised through sloppily handled HubSpot API keys. 

Better security through Private and Public HubSpot Apps 

Unlike API keys, where all HubSpot integrations share the same secret code, Private and Public Apps enable you to set up separate and distinct access tokens for each integration. While the code still needs to be kept secret, access tokens can be customized to have different levels of API access, giving you greater control over how users access business processes and data. 

It’s the difference between giving all users super admin access — as is the case with API keys — and selecting user privileges and permissions based on the integration — as enabled by Private and Public Apps. 

While they have similar functions, Private Apps are designed for single HubSpot accounts. Conversely, Public Apps are intended for use by multiple HubSpot accounts. 

Don’t let the sun go down on you

Businesses using custom integrations have until November 30, 2022, to ensure they aren’t impacted by HubSpot sunsetting API keys. If you’re in this position, then you have two options. You can replace all API keys with Private or Public App tokens yourself, or you can hire a HubSpot Solutions Partner to do it for you.

At Huble, our Software Integrations and Development Team specializes in helping organizations maximize value from the HubSpot system. Along with building custom integrations, we offer support connecting tools and bespoke solutions. This includes helping businesses migrate from  API keys to Private or Public Apps. 

If you need support moving away from API keys, then contact us. We’ll come up with a foolproof plan that eliminates the risk of business disruption.

Book a free SEO audit

Your website is your most valuable sales and marketing tool, so it needs to be as optimised as it can be. Uncover opportunities to boost your rankings with a free SEO audit.



HubSpot’s cookie consent banner update: What you need to know

HubSpot is updating its cookie consent banner to version 2 on July 5, 2024. Here’s what you need to

HubSpot integration services: standard vs custom

Discover how HubSpot's power extends further through strategic integrations. Explore the various

How to build a scalable website: considerations and benefits

This article explores how to build a scalable website, offering insight into what scalability means

HubSpot CRM customization: tailoring HubSpot with React UI

At its core, CRM customization is the process of tailoring your CRM system to align seamlessly with