Skip to content

HubSpot OAuth Token

Service Name: HubSpot

Service Description: HubSpot is a leading customer relationship management (CRM) platform that provides software and support to help businesses grow. It offers tools for marketing, sales, content management, and customer service.

Service Address: https://www.hubspot.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through HubSpot's security settings.

Secret Access Scope: Grants programmatic access to HubSpot's API endpoints, allowing interaction with contacts, companies, deals, tickets, and other HubSpot data depending on the scopes assigned to the token.

Secret Revokement URL: https://app.hubspot.com/settings/integrations

Secret Example: pat-na1-12345678-abcd-1234-abcd-1234567890ab

Suspicious Activity Investigation Instructions:

  • Review the HubSpot audit logs for unusual API calls or data access patterns
  • Check for unexpected changes to contacts, deals, or other CRM data
  • Monitor for unusual volumes of API requests or access from unfamiliar locations
  • Review the OAuth app permissions and connected integrations in your HubSpot account
  • Verify if there are any unauthorized workflows or automations created

Mitigation Instructions:

  • Log in to your HubSpot account and navigate to Settings > Integrations > Private Apps

  • Locate the compromised OAuth token/application

  • Click "Delete" or "Revoke Access" for the affected token
  • Create a new private app with appropriate scopes if needed
  • Review and update access permissions for all remaining integrations
  • Enable two-factor authentication for all HubSpot users
  • Consider implementing IP restrictions for API access
  • Audit user permissions and remove unnecessary access rights
  • Monitor for any data that may have been compromised during the unauthorized

access