Bad Request when trying to send a request to HubSpot

Domain: api [dot] hubapi [dot] com
Original question on HubSpot Community: Google for “hubspot community Bad Request when creating contact with refit client”
(I am not allowed to include links as a new user :sweat_smile:)

I am getting a “400 Bad Request” when trying to create a contact on HubSpot via API using refit (google refit github if you need more information)

Error (sadly very generic):

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 400 Bad Request</title>
</head>
<body><h2>HTTP ERROR 400</h2>
<p>Reason:
<pre>    Bad Request</pre></p>
</body>
</html>

I used Fiddler to check the Request:

POST https://api.hubapi.com/crm/v3/objects/contacts HTTP/1.1
Host: api.hubapi.com
Authorization: Bearer Token
traceparent: 00-5ac52689eac44d8eaf689fb14cbaa44b-a3b6e4afafbf2ed8-01
Content-Type: text/plain; charset=utf-8, application/json
Content-Length: 259

{
    "properties": {
        "email": "[email protected]",
        "lastname": "Name",
        "phone": "017634343434",
        "presentation": "custom field with string",
        "zipcode": "01239",
        "regionname": "Dresden"
    }
}

When I copy everything into Postman, it works - maybe something is missing in the header?
Since the error is sent from Cloudflare and not from HubSpot, I was wondering if the request is blocked due to security reasons before it reaches the API.

This error hasn’t been sent from Cloudflare:

  • Cloudflare doesn’t send 400 responses, only 403 if a request is blocked
  • If the error page is from Cloudflare then it will be Cloudflare-branded with a logo.

Does HubSpot give you any logs or insight into why a request is denied?

Thanks for the hints.
I don’t have any more details from HubSpots side - I’d need the next package upgrade for that I guess.
In the documentation it says, that HubSpot sends a json response with a reason why the request was blocked - except in this case it seems, where I get nothing and I don’t even get a json. I only noticed when I removed “accept/json” from the headers, otherwise I was left empty handed.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.