Hubspot Integration
Wire your product into HubSpot CRM with OAuth, object CRUD, associations, batch APIs, webhooks, and custom objects via official SDKs.
Overview
HubSpot Integration is an agent skill for the Build phase that implements HubSpot CRM connectivity with OAuth, objects, associations, batch ops, webhooks, and custom objects.
Install
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill hubspot-integrationWhat is this skill?
- OAuth 2.0 authorization URL, callback token exchange, and scoped CRM access
- CRM objects, associations between records, and batch operations
- Webhook subscription patterns for CRM change events
- Custom object modeling alongside standard HubSpot objects
- Node (@hubspot/api-client) and Python SDK-oriented examples
Adoption & trust: 595 installs on skills.sh; 40.1k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You need HubSpot in your stack but OAuth flows, object APIs, and association graphs are verbose and easy to mis-scope.
Who is it for?
Indie SaaS linking signups, billing events, or product activity into HubSpot for solo-led sales and lifecycle.
Skip if: HubSpot marketing email template design or SEO—this skill is CRM API and OAuth engineering.
When should I use this skill?
Building HubSpot CRM integration with OAuth, CRM objects, associations, batch operations, webhooks, or custom objects in Node.js or Python.
What do I get? / Deliverables
You get SDK-aligned HubSpot integration patterns for auth, CRUD, linking records, batches, and webhooks ready to drop into your backend.
- OAuth authorize and token-exchange flow
- CRM read/write and association patterns using official SDKs
Recommended Skills
Journey fit
HubSpot work is implementation-time CRM plumbing—canonical on Build even though it supports later Grow sales motions. Integrations fits OAuth apps, REST CRM APIs, webhooks, and SDK usage in Node or Python.
How it compares
Backend CRM integration skill, not a no-code HubSpot workflow recipe or generic database ORM guide.
Common Questions / FAQ
Who is hubspot-integration for?
Solo and small-team builders shipping product-led or sales-assisted flows that must sync with HubSpot CRM programmatically.
When should I use hubspot-integration?
In Build when you add OAuth to HubSpot, sync contacts or deals, use batch APIs, subscribe to webhooks, or define custom objects.
Is hubspot-integration safe to install?
Use the Security Audits panel on this page; never embed client secrets in repo—store OAuth credentials in secure environment configuration.
SKILL.md
READMESKILL.md - Hubspot Integration
# HubSpot Integration Expert patterns for HubSpot CRM integration including OAuth authentication, CRM objects, associations, batch operations, webhooks, and custom objects. Covers Node.js and Python SDKs. ## Patterns ### OAuth 2.0 Authentication Secure authentication for public apps **When to use**: Building public app or multi-account integration ### Template // OAuth 2.0 flow for HubSpot import { Client } from "@hubspot/api-client"; // Environment variables const CLIENT_ID = process.env.HUBSPOT_CLIENT_ID; const CLIENT_SECRET = process.env.HUBSPOT_CLIENT_SECRET; const REDIRECT_URI = process.env.HUBSPOT_REDIRECT_URI; const SCOPES = "crm.objects.contacts.read crm.objects.contacts.write"; // Step 1: Generate authorization URL function getAuthUrl(): string { const authUrl = new URL("https://app.hubspot.com/oauth/authorize"); authUrl.searchParams.set("client_id", CLIENT_ID); authUrl.searchParams.set("redirect_uri", REDIRECT_URI); authUrl.searchParams.set("scope", SCOPES); return authUrl.toString(); } // Step 2: Handle OAuth callback async function handleOAuthCallback(code: string) { const response = await fetch("https://api.hubapi.com/oauth/v1/token", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: new URLSearchParams({ grant_type: "authorization_code", client_id: CLIENT_ID, client_secret: CLIENT_SECRET, redirect_uri: REDIRECT_URI, code: code, }), }); const tokens = await response.json(); // { // access_token: "xxx", // refresh_token: "xxx", // expires_in: 1800 // 30 minutes // } // Store tokens securely await storeTokens(tokens); return tokens; } // Step 3: Refresh access token (before expiry) async function refreshAccessToken(refreshToken: string) { const response = await fetch("https://api.hubapi.com/oauth/v1/token", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: new URLSearchParams({ grant_type: "refresh_token", client_id: CLIENT_ID, client_secret: CLIENT_SECRET, refresh_token: refreshToken, }), }); return response.json(); } // Step 4: Create authenticated client function createClient(accessToken: string): Client { const hubspotClient = new Client({ accessToken }); return hubspotClient; } ### Notes - Access tokens expire in 30 minutes - Refresh tokens before expiry - Store refresh tokens securely - Rotate tokens every 6 months ### Private App Token Authentication for single-account integrations **When to use**: Building internal integration for one HubSpot account ### Template // Private App Token - simpler for single account import { Client } from "@hubspot/api-client"; // Create client with private app token const hubspotClient = new Client({ accessToken: process.env.HUBSPOT_PRIVATE_APP_TOKEN, }); // Private app tokens don't expire // But should be rotated every 6 months for security // Example: Get contacts async function getContacts() { try { const response = await hubspotClient.crm.contacts.basicApi.getPage( 100, // limit undefined, // after cursor ["firstname", "lastname", "email", "phone"], // properties ); return response.results; } catch (error) { if (error.code === 429) { // Rate limited - implement backoff const retryAfter = error.headers?.["retry-after"] || 10; await sleep(retryAfter * 1000); return getContacts(); } throw error; } } // Python equivalent // from hubspot import HubSpot // // client = HubSpot(access_token=os.environ["HUBSPOT_PRIVATE_APP_TOKEN"]) // // contacts = client.cr