I’ve been working on a HubSpot integration and got everything working with their sandbox environment. My PHP code connects fine using cURL to the test account they provided.
Now I’m stuck trying to figure out how to switch this over to our actual HubSpot account. I can’t seem to locate where to find the production Client ID and Client Secret values in our real HubSpot dashboard.
Is there a specific section in the account settings where these credentials are generated? Or do I need to register my application somewhere else to get access to the live environment?
Any guidance on the proper steps to migrate from testing to production would be really helpful.
Don’t use your sandbox credentials - you need to create a new app registration in your production HubSpot account. Go to Settings > Integrations > Connected Apps, then find either “Developer” or “Private Apps” (depends on your HubSpot tier). Create a fresh app registration there and it’ll generate new production credentials. Make sure your scopes match exactly what you had in testing. Double-check that your webhook URLs and redirect URIs point to your live domain, not localhost or staging. The auth flow stays the same, but you’re working with completely different API keys. Also heads up - rate limits might be different between sandbox and production, so keep an eye on your API calls at first to avoid getting throttled.
yep, just go to the apps section in your HubSpot settings from the dev account. You gotta create a new production app there to get a new client ID and secret. make sure to check your redirect URLs too or the auth will mess up.
From my HubSpot migration experience, you’ll need to hit your production account’s developer settings directly. Go to Settings > Account Setup > Integrations > Private Apps for newer private apps, or Settings > Integrations > Connected Apps > Developer for older OAuth flows. The exact spot depends on your subscription level and when you created the account. Here’s what caught me off guard - production credentials are way stricter with validation. Your callback URLs must be HTTPS and match exactly what you registered. Also, some API endpoints handle errors differently in production, so test your error catching thoroughly after switching over. The auth process stays the same, but production won’t forgive malformed requests like dev environments do.