Third-Party Integrations on Craft CMS: Why They Break and What to Do About It

If your Craft CMS site connects to any external service, whether that’s Stripe for payments, HubSpot or Salesforce for CRM, Mailchimp for email, or any other third-party platform, you have a dependency that you probably don’t think about until it fails.

Integrations break. Not always, not constantly, but often enough that they need to be actively monitored rather than assumed to be working. Here’s why they fail and what to do about it.

APIs change

Every third-party service operates an API, a programming interface through which your site communicates with their platform. These APIs are updated regularly. Endpoints get deprecated, authentication methods change, response formats are modified. When Stripe changes its API version requirements or HubSpot updates its OAuth implementation, any integration built against the old version may stop working.

Major API changes are usually announced with a deprecation period, but if no one on your side is monitoring those announcements, you won’t know until something stops working.

Craft plugins that wrap integrations

Many Craft integrations are built using a plugin, whether that’s a first-party plugin from the service provider or a community plugin from the Craft Plugin Store. These plugins have their own release cycles. A plugin built for Craft 3 won’t work on Craft 4 or 5. When you upgrade Craft, every integration plugin needs to be checked and potentially updated or replaced.

This is one of the most common sources of integration failures we see following a Craft upgrade: the core upgrade succeeds, but a plugin handling a key integration doesn’t have a compatible version and silently stops working.

Authentication expires or changes

Many integrations use API keys or OAuth tokens for authentication. API keys can be revoked or rotated. OAuth tokens need to be refreshed periodically. If an API key is rotated as part of a security policy change on the third-party side, any integration using the old key will fail immediately. Craft’s environment variables make it straightforward to update API keys without a code change, but someone needs to know it’s happened.

The queue connection

Craft processes many tasks, including integration callbacks and outbound API calls, through its queue system. If the queue processor stops running, tasks queue up but never execute. Your forms still submit, your emails still appear to send, but nothing is actually reaching the external service. This is one of the harder failures to notice because there’s no visible error: things just silently stop arriving.

What to do about it

Active monitoring is the most important thing. Set up alerts for integration failures where the service provides them. Check queue job failure logs in the Craft control panel regularly. Test critical integrations, particularly payment and lead capture forms, as part of any maintenance review.

When a Craft upgrade is planned, treat every integration plugin as something that needs explicit verification rather than an assumption that it will still work.