New: MCP server monitoring is live. Start free trial
Intello
HubSpotAuthBehavioral

Security requirements changed for POST /crm/v3/properties/{objectType}/groups

Affected surface
POST /crm/v3/properties/{objectType}/groups

What changed

Security requirements changed for POST /crm/v3/properties/{objectType}/groups Affected surface: POST /crm/v3/properties/{objectType}/groups. Detected at Fri, 22 May 2026 18:43:25 UTC UTC.

Diff

{
  "current_value": [
    {
      "oauth2": [
        "crm.objects.carts.write"
      ]
    },
    {
      "oauth2": [
        "crm.objects.orders.write"
      ]
    },
    {
      "oauth2": [
        "crm.objects.users.write"
      ]
    },
    {
      "oauth2": [
        "crm.pipelines.orders.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.appointments.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.carts.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.commercepayments.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.companies.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.contacts.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.courses.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.custom.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.deals.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.invoices.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.listings.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.orders.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.projects.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.quotes.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.services.write"
      ]
    },
    {
      "oauth2": [
        "crm.schemas.subscriptions.write"
      ]
    },
    {
      "oauth2": [
        "e-commerce"
      ]
    },
    {
      "oauth2": [
        "tickets"
      ]
    },
    {
      "oauth2": [
        "tickets.highly_sensitive.v2"
      ]
    },
    {
      "oauth2": [
        "tickets.sensitive.v2"
      ]
    }
  ],
  "path": "POST /crm/v3/properties/{objectType}/groups",
  "previous_value": [
    {
      "oauth2": [
        "properties-settings-write"
      ]
    }
  ]
}

Likely impact

The contract still holds, but observable behavior shifted — defaults, response timing, or rate-limit shaping. Existing code keeps compiling and most calls keep working, but edge cases may differ. Worth a sanity check.

Recommended action

Re-check your auth setup against the provider's current docs. Auth changes typically require config updates, not code changes.

Related changes

Other endpoints affected by the same root cause.

Catch changes like this on every API you depend on.

Intello monitors 100+ APIs and tells you the moment something changes — before it breaks production.

Start free trial