Skip to main content
RapidDev - Software Development Agency
replit-integrationsStandard API Integration

How to Integrate Replit with Hootsuite

To integrate Replit with Hootsuite, register an OAuth 2.0 application in the Hootsuite developer portal, store your client credentials in Replit Secrets (lock icon 🔒), complete the authorization flow, and use the Hootsuite REST API from an Express or Flask server to schedule social posts, retrieve analytics, and manage your content library across connected social profiles.

What you'll learn

  • How to register a Hootsuite developer app and configure OAuth 2.0 credentials
  • How to complete the OAuth authorization flow and store tokens in Replit Secrets
  • How to schedule social media posts to multiple profiles via the Hootsuite API
  • How to retrieve social analytics and post performance data from Hootsuite
  • How to refresh OAuth tokens automatically to keep your integration running
Book a free consultation
4.9Clutch rating
600+Happy partners
17+Countries served
190+Team members
Intermediate13 min read25 minutesMarketingMarch 2026RapidDev Engineering Team
TL;DR

To integrate Replit with Hootsuite, register an OAuth 2.0 application in the Hootsuite developer portal, store your client credentials in Replit Secrets (lock icon 🔒), complete the authorization flow, and use the Hootsuite REST API from an Express or Flask server to schedule social posts, retrieve analytics, and manage your content library across connected social profiles.

Why Integrate Hootsuite with Replit?

Social media teams often need to publish content from external systems — content management platforms, e-commerce stores, event management tools, or custom dashboards — without manually logging into Hootsuite to schedule each post. The Hootsuite REST API lets your Replit backend act as an automated social publishing engine, queuing posts to multiple social profiles simultaneously, attaching media from your content library, and timing publication based on your own scheduling logic.

Beyond publishing, the Hootsuite API exposes analytics data that can feed custom reporting dashboards. If your team wants engagement metrics (likes, shares, comments, impressions) aggregated across platforms and displayed in a custom format, a Replit backend can pull that data from Hootsuite on a schedule and push it to a spreadsheet, database, or visualization tool. This is far more efficient than manual CSV exports from the Hootsuite dashboard.

Hootsuite uses OAuth 2.0 with a standard authorization code flow, which means your users or team members authorize your application once and your server handles token refresh automatically. The API covers the major Hootsuite objects: social profiles (the connected social accounts), messages (posts to schedule or published), media (content library items), and members (team users). Understanding which Hootsuite plan your organization uses matters — API access is typically available on Team plans and above.

Integration method

Standard API Integration

Replit connects to Hootsuite via the Hootsuite REST API using OAuth 2.0 credentials stored in Replit Secrets. Your Express or Flask server handles the OAuth authorization code flow to obtain access and refresh tokens, then uses those tokens to schedule posts to connected social profiles, retrieve engagement analytics, and manage media in the content library. Deploy as Autoscale to maintain token refresh reliability.

Prerequisites

  • A Hootsuite account with API access (Team plan or above)
  • A registered application in the Hootsuite developer portal (developer.hootsuite.com)
  • A Replit account with a Node.js or Python Repl created
  • Basic understanding of OAuth 2.0 authorization code flow
  • At least one social profile connected to your Hootsuite account

Step-by-step guide

1

Register a Hootsuite developer application

Go to developer.hootsuite.com and sign in with your Hootsuite account. Navigate to 'My Apps' and click 'Create New App'. Fill in the application name (e.g., 'Replit Scheduler'), description, and your intended use case. For the OAuth Redirect URI, enter your Replit preview URL followed by /oauth/callback — you can find your preview URL by running your Repl and looking at the URL in the Replit webview. Hootsuite will provision a Client ID and Client Secret for your application. These are the app-level credentials; the OAuth flow will generate separate per-user access tokens. Copy both values immediately. The available OAuth scopes you will need include: offline (for refresh tokens), post (to create and schedule messages), read_messages (to read scheduled and published posts), and analytics (to access engagement data). Request all the scopes you plan to use during app registration. Store HOOTSUITE_CLIENT_ID and HOOTSUITE_CLIENT_SECRET in Replit Secrets right away.

check-deps.js
1// Node.js — install required packages
2// Run in Replit Shell:
3// npm install express axios dotenv
4
5// Verify packages
6const deps = ['express', 'axios'];
7for (const dep of deps) {
8  try {
9    require.resolve(dep);
10    console.log(`OK: ${dep} available`);
11  } catch {
12    console.error(`MISSING: ${dep} — run npm install ${dep}`);
13  }
14}

Pro tip: Hootsuite's API access is tied to your subscription tier. If you receive a 403 error on API calls even after OAuth is complete, check that your Hootsuite plan includes API access — basic/free accounts typically do not have API access.

Expected result: A Hootsuite app is registered with a Client ID and Client Secret. The OAuth redirect URI is set to your Replit callback URL. HOOTSUITE_CLIENT_ID and HOOTSUITE_CLIENT_SECRET are stored in Replit Secrets.

2

Complete OAuth 2.0 authorization and store tokens

Hootsuite uses a standard OAuth 2.0 authorization code flow. Your server redirects the user to Hootsuite's authorization URL with your Client ID, requested scopes, and redirect URI. After the user approves, Hootsuite redirects back to your callback URL with an authorization code. Your server exchanges this code for an access token and refresh token by POSTing to Hootsuite's token endpoint. The access token expires in 1 hour; the refresh token can be used to obtain new access tokens without user interaction. Build two routes: /oauth/start (redirects to Hootsuite's authorization page) and /oauth/callback (exchanges the code for tokens and prints them to the console so you can store them in Replit Secrets). After running the OAuth flow once, store the HOOTSUITE_ACCESS_TOKEN and HOOTSUITE_REFRESH_TOKEN in Replit Secrets. Also record the expiry timestamp so your app can proactively refresh tokens before they expire. In the main application, implement a token refresh function that checks expiry and calls the token refresh endpoint if needed before making API calls.

oauth.py
1# Python  Hootsuite OAuth 2.0 flow (oauth.py)
2from flask import Flask, request, redirect
3import requests
4import os
5import json
6
7app = Flask(__name__)
8
9CLIENT_ID = os.environ['HOOTSUITE_CLIENT_ID']
10CLIENT_SECRET = os.environ['HOOTSUITE_CLIENT_SECRET']
11REDIRECT_URI = os.environ.get('REPLIT_URL', 'http://localhost:3000') + '/oauth/callback'
12SCOPES = 'offline post read_messages analytics'
13
14@app.route('/oauth/start')
15def oauth_start():
16    auth_url = (
17        f'https://platform.hootsuite.com/oauth2/auth'
18        f'?response_type=code&client_id={CLIENT_ID}'
19        f'&redirect_uri={REDIRECT_URI}&scope={SCOPES}'
20    )
21    return redirect(auth_url)
22
23@app.route('/oauth/callback')
24def oauth_callback():
25    code = request.args.get('code')
26    resp = requests.post(
27        'https://platform.hootsuite.com/oauth2/token',
28        data={
29            'grant_type': 'authorization_code',
30            'code': code,
31            'redirect_uri': REDIRECT_URI,
32            'client_id': CLIENT_ID,
33            'client_secret': CLIENT_SECRET
34        }
35    )
36    tokens = resp.json()
37    # Copy these values to Replit Secrets
38    print(f"ACCESS TOKEN: {tokens.get('access_token')}")
39    print(f"REFRESH TOKEN: {tokens.get('refresh_token')}")
40    return f"Tokens obtained. Copy to Replit Secrets. Access token expires in {tokens.get('expires_in')} seconds."
41
42if __name__ == '__main__':
43    app.run(host='0.0.0.0', port=3000)

Pro tip: After copying the tokens to Replit Secrets, implement token refresh logic that runs before every API call — the 1-hour access token expiry means any long-running job or infrequently used integration will need to refresh.

Expected result: After visiting /oauth/start and authorizing in Hootsuite, the callback displays your access and refresh tokens. Both are added to Replit Secrets as HOOTSUITE_ACCESS_TOKEN and HOOTSUITE_REFRESH_TOKEN.

3

Fetch social profiles and schedule posts

With tokens stored, you can make authenticated calls to the Hootsuite API. The base URL is https://platform.hootsuite.com/v1. First, call GET /socialProfiles to list all connected social accounts — each profile has an id, type (TWITTER, FACEBOOK_PAGE, LINKEDIN_COMPANY, etc.), and display name. Store the profile IDs you plan to post to as Replit Secrets (e.g., HOOTSUITE_TWITTER_PROFILE_ID, HOOTSUITE_LINKEDIN_PROFILE_ID) so they are easily configurable without code changes. To schedule a post, send a POST to /messages with the post text, an array of socialProfileIds, and a scheduledSendTime in ISO 8601 UTC format. If the scheduledSendTime is in the past or empty, Hootsuite publishes immediately. The response includes the created message ID and status. For posts with media attachments, first upload the media to Hootsuite's media library via POST /media, then include the returned media ID in your message payload. Build a reusable post scheduler function that handles both text-only and media posts.

scheduler.js
1// Node.js — fetch profiles and schedule a post (scheduler.js)
2const axios = require('axios');
3
4const BASE_URL = 'https://platform.hootsuite.com/v1';
5const ACCESS_TOKEN = process.env.HOOTSUITE_ACCESS_TOKEN;
6
7const api = axios.create({
8  baseURL: BASE_URL,
9  headers: { Authorization: `Bearer ${ACCESS_TOKEN}` }
10});
11
12async function getSocialProfiles() {
13  const res = await api.get('/socialProfiles');
14  return res.data.data;
15}
16
17async function schedulePost(profileIds, text, scheduledTime) {
18  const payload = {
19    text,
20    socialProfileIds: profileIds,
21    scheduledSendTime: scheduledTime  // ISO 8601 UTC string
22  };
23  const res = await api.post('/messages', payload);
24  return res.data.data;
25}
26
27(async () => {
28  const profiles = await getSocialProfiles();
29  console.log('Connected profiles:');
30  profiles.forEach(p => console.log(`  ${p.type}: ${p.socialNetworkUsername} (ID: ${p.id})`));
31
32  // Schedule a post 1 hour from now
33  const in1Hour = new Date(Date.now() + 3600000).toISOString();
34  const profileIds = profiles.slice(0, 1).map(p => p.id);  // First profile only
35  const msg = await schedulePost(profileIds, 'Hello from Replit! #automation', in1Hour);
36  console.log('Scheduled message ID:', msg.id);
37})();

Pro tip: Hootsuite validates that the scheduled time is in the future (at least a few minutes from now). Posts scheduled too close to the current time may fail with a validation error — add at least a 5-minute buffer.

Expected result: The script lists your connected social profiles with their IDs and types, then creates a scheduled message. The post appears in your Hootsuite scheduler queue for the specified time.

4

Retrieve analytics and post performance data

The Hootsuite Analytics API provides impression, engagement, and click data for your published posts and social profiles. The analytics endpoints use a different request pattern than the publishing API — you typically POST a query request specifying the metrics, date range, social profiles, and granularity (daily or total), then Hootsuite returns the aggregated data. Supported metrics include impressions, reach, engagements, clicks, shares, and profile follower counts. Build an Express or Flask endpoint that accepts a date range query parameter, fetches analytics for all configured profiles, and returns the data as JSON. This endpoint can be polled by a frontend dashboard or pushed to a reporting pipeline. Note that analytics data in Hootsuite has a processing delay of 24-48 hours for most platforms — requesting data for today or yesterday may return incomplete results. For reliable reports, query data from at least 2 days ago.

analytics.py
1# Python  fetch post analytics (analytics.py)
2import requests
3import os
4from datetime import datetime, timedelta
5
6ACCESS_TOKEN = os.environ['HOOTSUITE_ACCESS_TOKEN']
7BASE_URL = 'https://platform.hootsuite.com/v1'
8
9headers = {'Authorization': f'Bearer {ACCESS_TOKEN}', 'Content-Type': 'application/json'}
10
11def get_post_analytics(profile_id, start_date, end_date):
12    """
13    Fetch analytics for a social profile over a date range.
14    Dates should be ISO 8601 strings like '2026-03-01T00:00:00Z'
15    """
16    payload = {
17        'socialProfileIds': [profile_id],
18        'startDate': start_date,
19        'endDate': end_date,
20        'metrics': ['IMPRESSIONS', 'ENGAGEMENTS', 'CLICKS'],
21        'granularity': 'TOTAL'
22    }
23    response = requests.post(
24        f'{BASE_URL}/analytics/posts',
25        json=payload,
26        headers=headers
27    )
28    if response.status_code == 200:
29        return response.json().get('data', [])
30    else:
31        print(f'Analytics error {response.status_code}: {response.text}')
32        return []
33
34# Fetch last 7 days analytics (exclude last 2 days for data completeness)
35end = datetime.utcnow() - timedelta(days=2)
36start = end - timedelta(days=7)
37profile_id = os.environ.get('HOOTSUITE_PROFILE_ID', '')
38if profile_id:
39    results = get_post_analytics(profile_id, start.isoformat() + 'Z', end.isoformat() + 'Z')
40    for item in results:
41        print(item)

Pro tip: Analytics data availability varies by social network. Facebook and Instagram data typically has a 24-hour delay, while Twitter data is available faster. Always account for this delay in your reporting queries.

Expected result: The analytics script returns engagement data for the specified profile and date range. The data includes impressions, engagements, and clicks broken down by post or date.

Common use cases

Automated Content Publishing from a CMS

When a new blog post or product is published in your content management system, your Replit backend automatically schedules a set of social posts (one for each configured social profile) in Hootsuite. The posts are formatted with the article title, a short summary, and the URL, scheduled for optimal posting times based on your predefined time slots.

Replit Prompt

Build an Express server with a POST /publish endpoint that accepts content metadata (title, url, summary), creates 3 Hootsuite scheduled messages (one for Twitter, one for LinkedIn, one for Facebook) using the social profile IDs stored in Replit Secrets, schedules them 2 hours apart starting from now, and returns the created message IDs.

Copy this prompt to try it in Replit

Social Analytics Dashboard Feed

A daily scheduled job on Replit queries the Hootsuite analytics API for the previous day's post performance across all connected profiles, aggregates impressions, clicks, and engagement rates per platform, and writes the results to a Google Sheet or pushes them to a Slack channel. Marketing teams get a daily performance summary without manual reporting.

Replit Prompt

Build a Python script that uses the Hootsuite API to fetch analytics for all social profiles for the last 7 days, calculates total impressions and engagement rate per platform, and prints a formatted summary report. Store HOOTSUITE_ACCESS_TOKEN and social profile IDs in Replit Secrets.

Copy this prompt to try it in Replit

Bulk Social Post Scheduler

Upload a CSV of planned social posts (text, scheduled time, target profiles) to your Replit app's file system or receive them via a POST request. The server iterates through each row, formats the post payload, and creates scheduled messages in Hootsuite for each entry. This replaces manual bulk scheduling and supports recurring content calendars.

Replit Prompt

Build a Flask API with a POST /bulk-schedule endpoint that accepts a JSON array of post objects (each with text, scheduled_time as ISO 8601, and profile_id), creates a Hootsuite scheduled message for each, and returns a summary of created vs failed message IDs.

Copy this prompt to try it in Replit

Troubleshooting

API returns 401 Unauthorized after the access token previously worked

Cause: Hootsuite access tokens expire after 1 hour. If your application has not implemented token refresh, the token will expire and all subsequent API calls will fail.

Solution: Implement a token refresh function that uses the HOOTSUITE_REFRESH_TOKEN to obtain a new access token via POST to the token endpoint with grant_type=refresh_token. Store the new access and refresh tokens back into Replit Secrets, or manage them in a simple JSON file in your Repl's persistent storage.

typescript
1import requests, os
2def refresh_token():
3    resp = requests.post('https://platform.hootsuite.com/oauth2/token', data={
4        'grant_type': 'refresh_token',
5        'refresh_token': os.environ['HOOTSUITE_REFRESH_TOKEN'],
6        'client_id': os.environ['HOOTSUITE_CLIENT_ID'],
7        'client_secret': os.environ['HOOTSUITE_CLIENT_SECRET']
8    })
9    return resp.json()

POST to /messages returns 422 Unprocessable Entity with 'invalid scheduledSendTime'

Cause: The scheduled time is either in the past, in an incorrect format, or not in UTC timezone.

Solution: Ensure scheduledSendTime is in ISO 8601 UTC format ending with 'Z' (e.g., '2026-04-01T15:00:00Z') and is at least 5 minutes in the future. Use UTC time explicitly — Hootsuite does not automatically convert local times.

typescript
1// JavaScript — correct timestamp format
2const scheduledTime = new Date(Date.now() + 5 * 60 * 1000).toISOString(); // 5 min from now
3console.log(scheduledTime); // '2026-04-01T15:05:00.000Z'

GET /socialProfiles returns an empty array even though profiles are connected in Hootsuite

Cause: The OAuth token was generated with insufficient scopes, or the user who authorized the app does not have access to the social profiles you are trying to reach.

Solution: Re-run the OAuth flow and ensure the 'offline', 'post', and 'read_messages' scopes are included in the authorization request. Confirm that the Hootsuite user who authorized the app has access to the profiles in question — profiles connected by other team members may not be visible.

Analytics API returns empty data or all zeros for recent dates

Cause: Analytics data in Hootsuite has a 24-48 hour processing delay. Querying data for today or yesterday returns incomplete or zero results.

Solution: Shift your analytics date range to query data from at least 2 days ago. For daily reporting, schedule your analytics job to run in the early morning and query data from 2 days prior to ensure completeness.

typescript
1from datetime import datetime, timedelta
2end = datetime.utcnow() - timedelta(days=2)
3start = end - timedelta(days=7)

Best practices

  • Store HOOTSUITE_CLIENT_ID, HOOTSUITE_CLIENT_SECRET, HOOTSUITE_ACCESS_TOKEN, and HOOTSUITE_REFRESH_TOKEN in Replit Secrets (lock icon 🔒) — never hardcode OAuth credentials in source files
  • Implement automatic token refresh using the refresh token before every API call — Hootsuite access tokens expire after 1 hour and silent expiry will break your integration
  • Store social profile IDs in Replit Secrets rather than hardcoding them so you can switch between test and production profiles without code changes
  • Deploy as Autoscale for webhook-triggered or scheduled publishing jobs — a sleeping Repl will miss triggered events and fail to publish scheduled posts
  • Add at least a 5-minute buffer to scheduledSendTime to avoid validation failures from near-future timestamps
  • Query analytics data with a 48-hour lag to ensure data completeness — same-day analytics often return zeros or incomplete counts
  • Respect Hootsuite's API rate limits (typically 100 requests per 15-minute window) and implement retry with exponential backoff for 429 responses
  • Test with a sandbox Hootsuite account or a dedicated test social profile before enabling automated posting on production social accounts

Alternatives

Sprout Social

Sprout Social provides deeper analytics and social listening features with a similar API structure, making it a better choice for data-driven social media reporting.

Later

Later is optimized for visual content and Instagram scheduling with a simpler API, making it easier to integrate if Instagram is your primary platform.

SocialBee

SocialBee focuses on content category recycling and evergreen post queues, making it a better fit for teams that reuse content across posting cycles.

Planoly

Planoly specializes in visual grid planning and Instagram/Pinterest scheduling with a simpler API setup compared to Hootsuite's multi-platform OAuth complexity.

Frequently asked questions

How do I connect Replit to Hootsuite?

Register an app in the Hootsuite developer portal, complete the OAuth 2.0 authorization code flow to obtain access and refresh tokens, store them in Replit Secrets (lock icon 🔒), and make authenticated HTTP requests to the Hootsuite REST API from your Express or Flask server.

Does Replit work with Hootsuite for free?

Hootsuite API access typically requires a Team plan or higher — free and basic plans do not include API access. Replit's free tier supports development and testing, but you need a paid Replit Autoscale deployment for a always-available webhook or scheduling server.

How do I store the Hootsuite API key in Replit?

Hootsuite uses OAuth 2.0 rather than a simple API key. Store HOOTSUITE_CLIENT_ID, HOOTSUITE_CLIENT_SECRET, HOOTSUITE_ACCESS_TOKEN, and HOOTSUITE_REFRESH_TOKEN in the Replit Secrets panel (lock icon 🔒). Access them with process.env.KEY in Node.js or os.environ['KEY'] in Python.

How do I schedule posts to multiple social profiles at once?

When creating a message via POST /messages, include an array of social profile IDs in the socialProfileIds field. Hootsuite will schedule the same message text to all specified profiles simultaneously. Use GET /socialProfiles first to get the IDs for each connected account.

Why does my Hootsuite integration stop working after an hour?

Hootsuite access tokens expire after 60 minutes. Your application must implement token refresh logic that uses the stored refresh token to obtain a new access token before the current one expires. Store the new tokens back to Replit Secrets and track the expiry timestamp to know when to refresh.

RapidDev

Talk to an Expert

Our team has built 600+ apps. Get personalized help with your project.

Book a free consultation

Need help with your project?

Our experts have built 600+ apps and can accelerate your development. Book a free consultation — no strings attached.

Book a free consultation

We put the rapid in RapidDev

Need a dedicated strategic tech and growth partner? Discover what RapidDev can do for your business! Book a call with our team to schedule a free, no-obligation consultation. We'll discuss your project and provide a custom quote at no cost.