HubSpot Update: Declarative Optional Scopes for Public Apps

Ever scrolled through HubSpot apps, you know, deciding which one to try out, and suddenly you're hit with this, like, laundry list of permissions.

Oh, yeah.

It's like this app wants to access your contacts, files, maybe even your cat's birthday.

Right. Like, hold on a second. What does scheduling social media posts have to do with my contact list?

Exactly. And I think a lot of HubSpot users, developers or not, have felt this this kind of unease about where the line is.

Absolutely. And the need for, well, more transparency and control over our data is becoming a much bigger deal everywhere, not just HubSpot.

For sure. But, hey, some good news. HubSpot's dropping a pretty big update to, well, how these apps even get permission to touch our precious data.

This is big. It's not just like a little tweak. This is a fundamental change to how the app ecosystem works.

So let's break it down. What's actually changing at a at a nuts and bolts level?

So the Wild West of developers picking whatever data they want. Yeah. That's over.

Okay. I like how you put that.

Starting October 21, 2024, every single app on the HubSpot marketplace, they gotta play by new rules.

October 21, 2024. Got it. So circle that date on your calendars, folks.

Developers now have to specify, and I mean very precisely, exactly what data their app needs and why. They've gotta use HubSpot's new advanced settings. No more of this give me everything approach.

That's I mean, that's huge for security. Right? Huge. No more accidentally giving away the keys to the kingdom because you didn't read the fine print on permission number 17.

It's about setting those digital boundaries. Right? Mhmm.

Think

of it this way. You're using, say, an app to schedule out social media posts. Right now, it might ask to see your entire contact database, even if you just wanna schedule 1 post to 1 channel.

Makes no sense.

With this update, that same app, it has to be designed to ask for, say, access to specific lists only and only when you're actively using the scheduling feature.

That's smart. Right. Not only am I less likely to over share sensitive stuff, but just makes the whole experience, like, way less stressful.

Exactly. And this all ties back into this larger trend we're seeing with data privacy, like GDPR and CCPA. It's all about putting the user back in the driver's seat. Data privacy shouldn't be an afterthought. It's a fundamental right.

It's like, finally, the tech world is catching up with common sense.

Right.

But okay. Let's talk about the developers for a second. This sounds like it could be, I don't know, a bit of a headache for them to implement, at least initially.

Yeah. There's gonna be a learning curve, no doubt. But I think long term, this actually gives them more flexibility and control too.

How so?

Think about it. HubSpot's not just, like, putting up walls and saying figure it out. Mhmm. They're giving devs better tools. With these new advanced settings, they can create a much more, how do I put it, a more granular and transparent experience for users.

Okay. So give me an example. How does that actually play out in an app?

Say an app has different features, different tiers. Right? Maybe a basic plan and a premium plan. They can now set it up. So if someone's using the basic plan, they only need to grant access to, like, a limited set of data, just what that basic plan uses. But if they upgrade to unlock the fancy pro features, boom, the app can then request permission for just the specific data those new features need, nothing more.

Ah, so it's like a step by step approach, guiding users through what they're giving access to as opposed to just hitting them with this wall of requests all at once.

You got it. And that builds trust. It's better for the user, better for the developer. Everyone wins.

So it's not just about making things more secure. It's about creating a better overall experience.

Exactly.

So there you have it folks. HubSpot's making a big move towards a safer, more transparent app experience, and honestly, it's about time.

Agreed.

This is more than just some technical update. It's about shifting the balance of power back towards the user, recognizing that data privacy is not negotiable.

And it'll be interesting to see how this impacts the development of new HubSpot apps going forward. Will we see even more innovative features now that developers have to be so much more intentional about the data they're using.

Now that is something to ponder. So what do you think? Have you ever run into one of those apps with, like, ridiculously grabby permissions?

Or maybe you're a developer and you've got some thoughts on this new system.

Hit us up on social media. We wanna hear from you. Until next time. Happy HubSpotting.