- Getting Started
- Recommended Integration & Registration Flow
- Admin Console Overview
- User Onboarding and Management
- User Registration and Login
- Enterprise Applications
- Microsoft Integration
- Installing TraitWare PAM Module for SSH and SFTP
Hubspot SAML Integration
Posted on April 3, 2019
Contents
- What you need from TraitWare
- Setting up TraitWare
- Adding SAML Application
- Turning on application access for a user
- Setting up your service
Getting Started
Both TraitWare and Hubspot require certain information to be able to communicate securely with each other.
What You Need From Hubspot
- A paid Enterprise plan for Sales, Marketing, or Service Hubs(starting at $1200-$3200/month – billed annually)
- Your PortalID (provided by Hubspot)
What You Need From TraitWare
You will obtain the following when you create your TraitWare application.
- SAML Endpoint/Sign-in URL
- Issuer
- Public Verification Certificate
Setting Up TraitWare
In order for TraitWare to communicate with Hubspot, an application will need to be created. Once you have access from TraitWare, navigate to https://admin.traitware.com and use your TraitWare app to sign in.
If you do not have access to login to https://admin.traitware.com, please setup a trial account, or contact us at support@traitware.com
Adding a SAML Application
- Select Applications in the upper left.
- Select +Add Applications in the top right of the box to add a new application.
- Enter an Application Name that will make sense when you see it (ex: Hubspot TraitWare).
- SAML from the dropdown Application Type. A new section will appear upon choosing SAML.
- In the SAML Applications dropdown list, select Hubspot. The fields following will auto-fill with generic information.
- For Return URI, put a sign-in URL to redirect users back to upon timeout
- Replace YOURPORTALID in each field with the PortalID that you collected above. Ex: https://api.hubspot.com/login-api/v1/saml/login?portalid=YOURPORTALID becomes
https://api.hubspot.com/login-api/v1/saml/login?portalid=62515 - For Relay State, you can either leave this field blank
- For Metadata URL put n/a.
- You will not need to add any mapping.
- Select Submit.
- Once your application is submitted, it will populate the information required by your service provider
- Open the appropriate application, you will then be able to copy the information required
Turning on Application Access for User
- Select Users from the menu in the upper left.
- Select a user. Their User Profile will open.
- Find the Hubspot Application name under Applications, and select the application to enable access for that user.
Setting Up Hubspot
- Navigate to app.hubspot.com and sign in using your admin account.
- Select the Settings cog in the upper right
- Navigate to Security under the General Settings tab
- Select Set up next to Single Sign-on (SSO)
- In the Set up single sign-on window, copy the appropriate information (you only need the portalid)
- If you copy the entire string, make sure that the Audience URI (Service Entity ID) goes in the EntityID (SP Issuer Name) field while Sign on URL, ACS, Recipient, or Redirect goes in the POST URL, Recipient, Destination, and Audience fields
- For your Identity Provider Identifier or Issuer URL copy the Identity Issuer from the TraitWare Console
- For your Identity Provider Single Sign-On URL copy the Stand-alone QR Login SAML Endpoint from the TraitWare Console
- For your X.509 Certificate, copy the TraitWare Public Certificate from the TraitWare Console.
- Select Verify
Additional Information
If you do not see an application in the dropdown list during the Application setup, you can fill in the fields with your generic information. If you have issues, please contact us at support@traitware.com, and we will work with you to see if the application can be added.