API & Partner Accounts

JasonK108 · ‎04-17-2023

Hey,

I have a question about the API.

I have a primary account with a number of partner accounts (ex: 20). Assume I am building a new app on the API.

When I go through the Authentication procedure and get API tokens for this new app via the primary account, will these tokens work to access the information (ex: contacts & campaigns) in all the related partner accounts or do I have to get separate tokens for each partner account?

Thus:

- Login to primary account on Constant Contact

- Use it to switch to a partner account

- Go back to my app

- Get OAuth2 credentials for this partner account

- Go back to Constant Contact

- Switch back to the primary account

- Switch back to a different partner account and... repeat the process for each partner account?

Or is there a better way to do this using only the tokens for the master account?

John__B · ‎04-19-2023

Hello JasonK108,

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

There are 2 ways you could go about authorizing your application and sending requests on behalf of your child accounts.

If you were to authorize your application on each child account individually, you would need to be logged into each child account via genuine account-level credentials (logging in with a username and password to an Account Owner or Account Manager profile) to maintain authorization. Authorization for the application won’t be maintained if it is granted by logging into the child account through your main partner account due to security enhancements. You could reach out to the Account Owner of each child account to create an Account Manager user role for you for this purpose, or they could authorize the application themselves.

Alternatively, if your organization is the developer of the integration that you are trying to connect, specifically for Partner accounts, we now offer the option of acquiring a “Master Token”, which allows you to send API requests on behalf of Partner managed client accounts without needing individual access tokens for each child account.

Instead of using the the standard OAuth flows and storing tokens for each child account, you would be using the Partner authorization method to get a Partner API access token (JWT), then using that to call the "pass-through" Partner endpoint.

If you decide to go this route, please reach out to us via email at webservices@constantcontact.com to let us know the API key that you will be using for your application so that we can grant it the correct permissions.

Technology Partner Registration

https://v3.developer.constantcontact.com/api_guide/partners_reg_creds.html

Technology Partner Authentication and Authorization

https://v3.developer.constantcontact.com/api_guide/partners_auth.html

API Reference - POST Send an API request on Behalf of a Client Account

https://developer.constantcontact.com/api_reference/index.html#!/Technology_Partners/partnerAccountO...

Please have a look and let us know if you have any other questions!

Regards,

John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

ElderPagesOnline · ‎11-27-2023

Hi John,

I'm in this same situation and was not able to make the Master Token work, as the app I'm integrating (Gravity Forms) only support the basic V3 API.

That leaves me with your first option, which is proving very complicated to implement. In order to create a user on each client (for me over 100) I would need to have individual email addresses in each client account, or as you say, have them create/approve the app themselves, which is also proving difficult for my clients. Is there a way for me to use the same email address in multiple client accounts?

Thanks in advance,

Ben

Courtney_E · ‎01-12-2024

Hello Ben,

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

While you can't use the same email address as the username for different Constant Contact account users, you can use the same email address as the email on file for that user. However, you'd need to go in and change the username for each user before creating the next user.

Example:

Username name1

Email name@domain.com

Username name2

Email name@domain.com

Alternately, a potentially easier way to do this might be to create the users with the "plus addressing" method, where the users are named like "name+1@domain.com" or name+account2@domain.com", but any password resets or communications are still sent to "name@domain.com" for all accounts.

[external link] What is Plus Email Addressing and How Do I Use It?

https://kb.uconn.edu/space/IKB/10731880518/What+is+Plus+Email+Addressing+and+How+Do+I+Use+It

Example:

Username name+1@domain.com

Email name+1@domain.com

Username name+2@domain.com

Email name+2@domain.com

Please have a look and let us know if you have any other questions!

Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

Developer Portal

API Updates