Got a 'How do I' question? Join 'Ask a Trainer' Monday to Friday, 11am to 4pm ET for instant help and pro tips!

Authorization error

GregC245
Rookie
0 Votes

I am trying to write a script to add email addresses to a mailing list through the API. I have sucessfully authorized the application and gotten both access and refresh tokens, however everytime I try to post the email address with the access token I get a 401 unauthorized error. Posting to 

https://api.cc.email/v3/contacts

Any help would be greatly appreciated. 

10 REPLIES 10
Jimmy_D
Employee
0 Votes

Hello @GregC245,

 

Thank you for reaching out to Constant Contact's API Support.

 

Once you have obtained your Access Token you want to send that with your API calls as the Authorization Bearer token.

 

How are you using your the Access Token in your call?


Regards,
Jimmy D.
Tier II API Support Engineer
GregC245
Rookie
0 Votes
curl_setopt($ch, CURLOPT_URL, $base);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('accept'=>'application/json'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('authorization'=>'Bearer {'.$access_token.'}'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('cache-control'=>'no-cache'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('content-type'=> 'application/json'));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
David_B.
Employee
0 Votes

Hello,

 

Thank you for that information. It looks like you are building your authorization header to have braces { } around your access token. These are not needed, so you should build your header like this:

curl_setopt($ch, CURLOPT_HTTPHEADER, array('authorization'=>'Bearer '.$access_token));

Please give that a try and let us know how that works.

 

Regards,
David B.
Tier II API Support Engineer

 

 

GregC245
Rookie
0 Votes

The API documentation has the braces in the code examples so I wasn't sure. Tried it both ways however with the same result,

 

string(59) "{"error_key":"unauthorized","error_message":"Unauthorized"}"

 

https://v3.developer.constantcontact.com/api_guide/contacts_create.html

David_B.
Employee
0 Votes

Hello,

 

What scope are you using in your OAuth authorization flow?


Regards,
David B.
Tier II API Support Engineer

MrRoyo
Campaign Contributor
0 Votes

Hello Sir

 

I am facing same issue. And I am using this scope "contact_data+campaign_data".  When I try to get all lists it gives me error "{"error_key":"unauthorized","error_message":"Unauthorized"}". Even If I try to get access token info with following code:

 

$base = 'https://api.cc.email/v3/token_info';


$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => $base,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "",
CURLOPT_HTTPHEADER => array(
"Authorization: Bearer {MY ACCESS TOKEN}",
"token: {MY ACCESS TOKEN}",
"cache-control: no-cache",
"Content-Type: application/json"
),
));

 

It gives same error "{"error_key":"unauthorized","error_message":"Unauthorized"}"

MrRoyo
Campaign Contributor
0 Votes

Now I can get the token info and token info display this scope "{"scopes":["contact_data","campaign_data"]}"

 

But when I am trying to fetch list it still give me error "{"error_key":"unauthorized","error_message":"Unauthorized"}"

 

This is my code:

$base = 'https://api.cc.email/v3/contacts?lists=68';

$ch = curl_init($base);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_POST, true);

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'accept' => 'application/json',
'authorization' => 'Bearer '.$access_token,
'cache-control' => 'no-cache',
'content-type' => 'application/json',

));
// Submit the POST request
$result = curl_exec($ch);

// Close cURL session handle
curl_close($ch);
print_r($result)

Courtney_E
Moderator
0 Votes

Hello MrRoyo,

 

Thank you for reaching out to Constant Contact API Developer Support, and for your patience. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

It looks like we're working with you directly via email regarding your inquiry, but I wanted to close the loop here as well. If you haven't received our reply, please let us know via email at webservices@constantcontact.com, and reference case number 28232085.


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
user158539
Rookie
0 Votes

I am also having this issue 

 

string(59) "{"error_key":"unauthorized","error_message":"Unauthorized"}"

 

            $access_token = $_GET['code'];
            $ch = curl_init();

            curl_setopt($ch, CURLOPT_URL, $base);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, "{\n  \"email_address\": {\n    \"address\": \"danipper@example.com\",\n    \"permission_to_send\": \"implicit\"\n  },\n  \"first_name\": \"David\",\n  \"last_name\": \"Nipper\",\n  \"job_title\": \"Musician\",\n  \"company_name\": \"Acme Corp.\",\n  \"create_source\": \"Account\",\n  \"birthday_month\": 11,\n  \"birthday_day\": 24,\n  \"anniversary\": \"2006-11-15\",\n  \"steet_addresses\":{\n    \"kind\":\"home\",\n    \"street\": \"123 Kashmir Valley Road\",\n    \"city\": \"Chicago\",\n    \"state\": \"Illinois\",\n    \"country\": \"United States\",\n  }\n}");
           

            curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                'cache-control' => 'no-cache',
                'authorization' => 'Bearer '.$access_token,
                'content-type' => 'application/json',
                'accept' => 'application/json'

            ));
           
            $result = curl_exec($ch);
            if (curl_errno($ch)) {
                echo 'Error:' . curl_error($ch);
            }
            curl_close($ch);

            var_dump($result);
 
I need help
Courtney_E
Moderator
0 Votes

Hello user158539,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

Based on our system logs for the API key that has most recently connected with the account that you are posting from, I found quite a few responses which indicated that the authorization code might not be getting exchanged for the first Access Token and Refresh Token set within the 60 second timeframe before it expires.

 

When going through the V3 API OAuth Server Flow, the Authorization Code from steps 2 and 3 only has a lifespan of 60 seconds, and needs to be exchanged for your first token set within that timeframe or you will need to generate another. Until you get your first set of tokens to authenticate the connection, you will not be able to make successful calls to the API.

 

V3 API OAuth2.0 Server Flow

https://v3.developer.constantcontact.com/api_guide/server_flow.html

 

If you feel that my reply was not a good fit for your inquiry, please feel free to email our team directly at webservices@constantcontact.com and provide us with the API key you are using, the username for the Constant Contact account you are connecting with, so that we can look into the issue with you further.

 

Please have a look and let us know if you have any other questions!


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up