The Final Week of the Ready, Set, Send Challenge Has Begun!

API & Partner Accounts

JasonK108
Rookie
0 Votes

Hey,

 

I have a question about the API.

 

I have a primary account with a number of partner accounts (ex: 20). Assume I am building a new app on the API.

 

When I go through the Authentication procedure and get API tokens for this new app via the primary account, will these tokens work to access the information (ex: contacts & campaigns) in all the related partner accounts or do I have to get separate tokens for each partner account?

 

Thus:

- Login to primary account on Constant Contact

- Use it to switch to a partner account

- Go back to my app

- Get OAuth2 credentials for this partner account

- Go back to Constant Contact

- Switch back to the primary account

- Switch back to a different partner account and... repeat the process for each partner account?

 

Or is there a better way to do this using only the tokens for the master account?

 

5 REPLIES 5
John__B
Employee
0 Votes

Hello JasonK108,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

There are 2 ways you could go about authorizing your application and sending requests on behalf of your child accounts.

 

If you were to authorize your application on each child account individually, you would need to be logged into each child account via genuine account-level credentials (logging in with a username and password to an Account Owner or Account Manager profile) to maintain authorization. Authorization for the application won’t be maintained if it is granted by logging into the child account through your main partner account due to security enhancements. You could reach out to the Account Owner of each child account to create an Account Manager user role for you for this purpose, or they could authorize the application themselves. 

 

Alternatively, if your organization is the developer of the integration that you are trying to connect, specifically for Partner accounts, we now offer the option of acquiring a “Master Token”, which allows you to send API requests on behalf of Partner managed client accounts without needing individual access tokens for each child account.

 

Instead of using the the standard OAuth flows and storing tokens for each child account, you would be using the Partner authorization method to get a Partner API access token (JWT), then using that to call the "pass-through" Partner endpoint.

 

If you decide to go this route, please reach out to us via email at webservices@constantcontact.com to let us know the API key that you will be using for your application so that we can grant it the correct permissions.

 

Technology Partner Registration

https://v3.developer.constantcontact.com/api_guide/partners_reg_creds.html 

 

Technology Partner Authentication and Authorization

https://v3.developer.constantcontact.com/api_guide/partners_auth.html 

 

API Reference - POST Send an API request on Behalf of a Client Account

https://developer.constantcontact.com/api_reference/index.html#!/Technology_Partners/partnerAccountO...  

 

Please have a look and let us know if you have any other questions!

 

Regards,


John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
ElderPagesOnline
Constant Contact Partner
0 Votes

Hi John, 

 

I'm in this same situation and was not able to make the Master Token work, as the app I'm integrating (Gravity Forms) only support the basic V3 API.

 

That leaves me with your first option, which is proving very complicated to implement. In order to create a user on each client (for me over 100) I would need to have individual email addresses in each client account, or as you say, have them create/approve the app themselves, which is also proving difficult for my clients. Is there a way for me to use the same email address in multiple client accounts?

 

Thanks in advance,

Ben

Courtney_E
Moderator
0 Votes

Hello Ben,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

While you can't use the same email address as the username for different Constant Contact account  users, you can use the same email address as the email on file for that user. However, you'd need to go in and change the username for each user before creating the next user.

 

Example: 

 

Username  name1

Email          name@domain.com

 

Username  name2

Email          name@domain.com

 

Alternately, a potentially  easier way to do this might be to create the users with the "plus addressing" method, where the users are named like "name+1@domain.com" or name+account2@domain.com", but any password resets or communications are still sent to "name@domain.com" for all accounts.

 

[external link] What is Plus Email Addressing and How Do I Use It?

https://kb.uconn.edu/space/IKB/10731880518/What+is+Plus+Email+Addressing+and+How+Do+I+Use+It

 

Example: 

 

Username  name+1@domain.com

Email          name+1@domain.com

 

Username  name+2@domain.com

Email          name+2@domain.com

 

Please have a look and let us know if you have any other questions!


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
ElderPagesOnline
Constant Contact Partner
0 Votes

Hi Courtney, 

 

Thanks for the ideas! They are helpful. 

 

For clients that have a "lite" account, I can't create another user to use as the developer access account. Do they have to create the app themselves with their account owner login in that case?

 

B

Courtney_E
Moderator
0 Votes

Hello B,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

Yes, that's correct. If you are unable to create a secondary user on an account, then the primary user would need to generate the key and grant permission.

 

Please have a look and let us know if you have any other questions!


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up