I can see that New Relic relies on a HipChat v1 API administration token (I’ve not tried notification only but in the Channel configuration it actually asks for an admin token!). I was surprised at this, mainly as v1 API is deprecated (https://www.hipchat.com/docs/api) and because admin token is completely unnecessary for just notifications!
It also means that we give New Relic and anyone with access to manage the alerts, full ability to send notifications to all of our rooms, not just the ones we want it to, and in the case of administration token, almost full access to do as they please with our HipChat.
It’s a blocker for us as we run multiple New Relic setups, one for each of our clients, and with the current setup we’d need to essentially make a token (potentially administrative one) for all our HipChat rooms visible to all our clients.
It would make it much easier though if New Relic implemented the V2 API with OAuth and just asked for a room token - that would be much easier as we could grant access to single rooms on demand, and allow us to revoke access to the room via HipChat if we ever needed to - it would show as an integration - it also means room owners can configure the integrations for their client’s New Relics rather than having to ask an admin.