How To Get Access Token In Hubspot

Obtaining an access token from HubSpot is the crucial step that allows you to interact with HubSpot’s API. It is a necessary component of integrating your application with HubSpot’s services. This blog post will lead you through the process of obtaining an access token from HubSpot.

OAuth 2.0

HubSpot uses OAuth 2.0 for API authentication. OAuth 2.0 is a protocol that allows applications to gain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and digital ocean.

Steps to get an access token

Here are the step-by-step instructions:

Step 1: Creating an App in HubSpot

The first step is to create an app in HubSpot. Visit Hubspot’s ‘App Marketplace’, click on ‘my apps’. Then, click ‘create an app’. Fill in the required details and click ‘create’.

Step 2: Setting up OAuth 2.0

After creating the app, you need to set up OAuth 2.0. Go to ‘auth’ tab in the app settings. Here, you need to add a ‘Redirect URL’ which will be used after the user authorizes the app.

Step 3: Get Authorization Code

Now you need to get the authorization code. This is done by making a GET request to HubSpot’s server. The URL for this request should look something like this:

Replace CLIENT_ID with your HubSpot app’s client ID, SCOPES with the scopes your app needs access to, and REDIRECT_URI with the redirect URL you added in the app settings.

Step 4: Exchange Authorization Code for Access Token

After authorizing the app, you’ll be redirected to the redirect URL with an authorization code as a URL parameter. This code can be exchanged for an access token with another POST request:

The body of this request should contain the following parameters:

  • grant_type (set to ‘authorization_code’)
  • client_id (your app’s client ID)
  • client_secret (your app’s client secret)
  • redirect_uri (the same redirect URL)
  • code (the authorization code)


That’s it! You have now successfully obtained an access token for your HubSpot application. Be sure to handle it carefully; it is like a password to your HubSpot API. Store it securely and do not expose it in any public or insecure locations.