How to hide your Hubspot PRIVATE_APP_ACCESS_TOKEN

Creating a .env file to store your secrets is a common practice and everyone knows how to do it. But HubpSpot’s private apps need a different setup to use your .env file. Here are the instructions on how to do it.

1. In your terminal cd to you application’s app.functions directory.
2. Type npm i dotenv This will install dotenv in node modules inside your app.
3. Inside the same folder create a .env file with this content

TEST_SECRET=the_access_token_hubspot_has_given

4. In your serverless.json file add the SECRET to your secrets, like this

{
  "appFunctions": {
    "myserverlessFn": {
      "file": "myserverlessFn.js",
      "secrets": ["TEST_SECRET"]
  }
}

4. Access your secret from your serverless function like this

const hubspotClient = new hubspot.Client({
  accessToken: process.env["TEST_SECRET"],
});

5. Save your access key on Hubspot for your app to use it. Install the hubspot CLI tools. In your terminal type

hs secrets add TEST_SECRET

copy and paste the value of your hubspot access_token and press enter. When you need to rotate the access token in your terminal type:

hs secrets update TEST_SECRET

copy and paste your new ACCESS_CODE and press enter

6. If you have selected GitHub integration, push your code to the branch that’s been auto-deployed.

Enjoy!