MCP HubMCP Hub
SKILL·D17A16

audit-api-usage

TomGranot
更新日 3 days ago
51
14
51
GitHubで表示
開発api

について

このスキルは、2027年3月30日のサポート終了期限を前に、レガシーなv1-v4エンドポイントを使用しているすべての呼び出しを特定するために、HubSpot API統合を監査します。プライベートアプリやツーリングを新しい日付ベースのAPIバージョンに移行するためのチェックリストを生成します。サポートと認証を維持するために必要なアップグレードを計画し、スタックを事前に棚卸しするためにご利用ください。

クイックインストール

Claude Code

推奨
メイン
npx skills add TomGranot/hubspot-admin-skills -a claude-code
プラグインコマンド代替
/plugin add https://github.com/TomGranot/hubspot-admin-skills
Git クローン代替
git clone https://github.com/TomGranot/hubspot-admin-skills.git ~/.claude/skills/audit-api-usage

このコマンドをClaude Codeにコピー&ペーストしてスキルをインストールします

ドキュメント

Audit API Usage Before the 2027 Version Cutoff

In March 2026 HubSpot replaced semantic API versioning (v1-v4) with date-based versions (/2026-03/-style paths, two releases a year, 18 months of support each). Everything still calling v1-v4 endpoints — including legacy OAuth v1 — becomes unsupported on March 30, 2027. This skill inventories what in your stack calls HubSpot and produces a migration checklist.

Why This Matters

The deadline fails quietly: unsupported APIs "no longer receive updates, bug fixes, or stability guarantees," and marketplace apps that don't migrate risk losing certification. A portal typically has more callers than anyone remembers — private apps, marketplace apps, middleware (Zapier/Make), form embeds, internal scripts, data warehouse syncs. Finding them takes an afternoon now or an incident later.

Key Facts

FactDetail
Current recommended version2026-03
Release cadenceMarch and September, every year
Support lifecycleCurrent (6 months) → Supported (to 18 months) → Unsupported
v1–v4 end of supportMarch 30, 2027
Also deprecatedLegacy v1 OAuth API (token issuance/introspection)

Prerequisites

  • Super Admin access (to view Integrations settings and private app logs)
  • Optionally: a private app token (HUBSPOT_ACCESS_TOKEN in .env) for the account-level usage query
  • Access to the source code of any internal integrations

Execution Pattern

Stage 1: Plan

Confirm with the user: which systems are known to touch HubSpot (CRM syncs, website forms, analytics pipelines, internal scripts), and who owns each.

Stage 2: Before — Build the Caller Inventory

Work through each discovery source and record every caller in a checklist (owner, what it does, endpoints/versions used):

  1. Private apps: Settings > Integrations > Private Apps. Open each app > Logs — the API call log shows the exact request paths (/crm/v3/..., /contacts/v1/...), which reveal the version in use.
  2. Connected/marketplace apps: Settings > Integrations > Connected Apps. You can't see their internals; note each vendor — certified apps are being pushed to migrate by HubSpot, but confirm with the vendor for anything business-critical.
  3. Internal codebases: grep for version-revealing patterns:
    grep -rEn "api\.hubapi\.com/[a-z-]+/v[0-9]|/contacts/v1|/email/public/v1|hubapi.com/automation/v[23]" .
    
  4. Middleware (Zapier, Make, Workato, n8n): platform-managed connectors migrate on the vendor's schedule; custom HTTP steps inside them do not — check those by hand.
  5. Account-wide API usage (optional script check): the account-info API reports daily API usage totals for private apps:
    resp = requests.get(f"{BASE}/account-info/v3/api-usage/daily", headers=HEADERS)
    
    This confirms how much traffic flows, not which versions — use the per-app logs from step 1 for version detail.

Stage 3: Execute — Classify and Plan Migrations

For every caller, classify:

StatusMeaningAction
RedCalls v1/v2 legacy endpoints (e.g., /contacts/v1/, /email/public/v1/, forms v2) or legacy OAuth v1Migrate now — many of these had earlier sunset dates already
AmberCalls v3/v4 endpointsWorks until 2027-03-30; schedule migration to 2026-03 date-based paths
GreenCalls date-based paths, or vendor-managed and confirmed migratingMonitor

For amber/red internal code, the migration is usually mechanical — same resources, new path prefix and (sometimes) renamed fields; consult the endpoint's migration notes in HubSpot's docs. Batch the work per codebase, not per endpoint.

This repo's own scripts are amber by design: they target /crm/v3/ and /automation/v4/, supported until March 2027, with the migration path documented in CONTRIBUTING.md.

Stage 4: After

  1. Every caller in the inventory has a status and an owner.
  2. Red items have migration tickets with dates; amber items are scheduled before 2027-03.
  3. Re-run this audit every 6 months — each March/September release starts a new support clock.

Rollback

Read-only — nothing to roll back.

Technical Gotchas

  1. Private app logs are the ground truth. Code greps miss dynamically-built URLs; the per-app request logs in Settings show what is actually being called.
  2. 404 vs 403 vs unsupported. After end of support, endpoints may keep working for a while — "unsupported" means no fixes or guarantees, not an instant shutoff. Do not treat "it still works" as "we're fine."
  3. OAuth is part of this. Apps using legacy v1 OAuth token endpoints must move to the date-based OAuth API even if their data endpoints are current.
  4. SDK versions pin API versions. If an integration uses an official HubSpot SDK, the SDK's major version determines which API version it calls — check the SDK changelog, not just your code.

GitHub リポジトリ

TomGranot/hubspot-admin-skills
パス: skills/audit-api-usage
0
hubspothubspot-apihubspot-crmhubspot-integration
FAQ

Frequently asked questions

What is the audit-api-usage skill?

audit-api-usage is a Claude Skill by TomGranot. Skills package instructions and resources that Claude loads on demand, so Claude can perform audit-api-usage-related tasks without extra prompting.

How do I install audit-api-usage?

Use the install commands on this page: add audit-api-usage to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.

What category does audit-api-usage belong to?

audit-api-usage is in the Development category, tagged api.

Is audit-api-usage free to use?

Yes. audit-api-usage is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.

関連スキル

qmd
開発

qmdは、BM25、ベクトル埋め込み、およびリランキングを組み合わせたハイブリッド検索を用いて、ローカルファイルのインデックス作成と検索を可能にするローカル検索・インデックス作成CLIツールです。コマンドラインでの使用と、Claudeとの統合のためのMCP(Model Context Protocol)モードの両方をサポートしています。このツールは埋め込みにOllamaを使用し、インデックスをローカルに保存するため、ターミナルから直接ドキュメントやコードベースを検索するのに最適です。

スキルを見る
subagent-driven-development
開発

このスキルは、各独立したタスクに対して新規のサブエージェントを起動し、タスク間でコードレビューを実施しながら実装計画を実行します。レビュープロセスを通じて品質基準を維持しつつ、迅速な反復を可能にします。同一セッション内で主に独立したタスクに取り組む際に本スキルをご利用いただくことで、組み込まれた品質チェックを伴う継続的な進捗を確保できます。

スキルを見る
mcporter
開発

mcporterスキルは、開発者がClaudeから直接Model Context Protocol(MCP)サーバーを管理および呼び出せるようにします。このスキルは、利用可能なサーバーの一覧表示、引数を指定したツールの呼び出し、認証およびデーモンのライフサイクル管理を行うコマンドを提供します。開発ワークフローにおいてMCPサーバーの機能を統合およびテストする際に、このスキルをご利用ください。

スキルを見る
adk-deployment-specialist
開発

このスキルは、A2Aプロトコルを使用してVertex AI ADKエージェントをデプロイおよびオーケストレーションし、AgentCardの発見、タスク送信、およびコード実行サンドボックスやメモリバンクなどのサポートツールを管理します。Python、Java、またはGoで、順次、並列、またはループのオーケストレーションパターンを用いたマルチエージェントシステムの構築を可能にします。Google Cloud上でADKエージェントのデプロイやエージェントワークフローのオーケストレーションを求められた際にご利用ください。

スキルを見る