HubSpot Private Application Token

Description

General

• Documentation: https://developers.hubspot.com/beta-docs/guides/apps/private-apps/overview
• Summary: HubSpot is a comprehensive customer relationship management (CRM) platform that offers tools for marketing, sales, customer service, and content management. It provides developers with the ability to create private apps that are used to access the data of a workspace.
• IPs allowlist: This feature is not available.
• Scopes: Upon creation, a HubSpot private app is granted with a list of scopes. The scopes are very detailed and are split among HubSpot products: CRM, CMS, Automation, Communication Preferences, Conversations, Marketing, Settings and Others.

Revoke the secret

HubSpot API keys can be rotated in the web UI: see here.

Check for suspicious activity

It it possible to see all API calls in the web UI: see in Integrations/Private Apps/Logs.

Details for Hubspot private app token

• Family: Api

• Category: CRM

• Company: HubSpot

• High recall: False

• Validity check available: True

• Analyzer available: True

• On-premise instances exist: False

• Only valid secrets raise an alert: False

• Minimum number of matches: 1

• Occurrences found for one million commits: 1.28

• Prefixed: False

• PreValidators:

- type: ContentWhitelistPreValidator
  patterns:
    - pat-[a-z]{2}[0-9]-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}

Examples

- text: "Some context.\n apikey=pat-na1-91d91373-8e94-4872-893c-e7d080224a56"
  apikey: pat-na1-91d91373-8e94-4872-893c-e7d080224a56
- text: 'Some context for a EU API key\n API_KEY="pat-eu1-91d91373-8e94-4872-893c-e7d080224a56"'
  apikey: pat-eu1-91d91373-8e94-4872-893c-e7d080224a56