Adding Additional Scopes

When you're setting up OAuth integration with HubSpot's API, scopes play a crucial role in defining what level of access your application or integration will have to a user's HubSpot account. Scopes specify the permissions or actions your integration can perform on behalf of the user.

Usage of Scopes in OAuth Integration:

You will request specific scopes when you generate an OAuth access token for your integration. HubSpot offers different scopes like "contacts," "automation," or "analytics." These scopes grant access to different parts of a user's HubSpot account.

It's important to request only the scopes that your integration actually needs. This follows the principle of least privilege, enhancing security. For example, if your integration only needs to read contact data, you can request the "contacts" scope without requesting unnecessary access to other features. For Data Lab Box, we request access to the following scopes:


  • crm.lists.write

  • crm.objects.contacts.write

  • crm.objects.custom.write

  • crm.export

  • crm.import

  • integration-sync

You can adjust these on the Change the Open an External Website step of the Activate HubSpot Group workflow. For easier access, we have created folders for each integration, click on the HubSpot Integration folder and it's in there.

Make sure to clearly communicate to users the scopes your integration is requesting during the OAuth authorization process, ensuring transparency and user consent.

For additional information on HubSpot scopes, please visit their docs here.

Last updated