I am trying to write a script to add email addresses to a mailing list through the API. I have sucessfully authorized the application and gotten both access and refresh tokens, however everytime I try to post the email address with the access token I get a 401 unauthorized error. Posting to
https://api.cc.email/v3/contacts
Any help would be greatly appreciated.
Hello @GregC245,
Thank you for reaching out to Constant Contact's API Support.
Once you have obtained your Access Token you want to send that with your API calls as the Authorization Bearer token.
How are you using your the Access Token in your call?
curl_setopt($ch, CURLOPT_URL, $base);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('accept'=>'application/json'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('authorization'=>'Bearer {'.$access_token.'}'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('cache-control'=>'no-cache'));
curl_setopt($ch, CURLOPT_HTTPHEADER, array('content-type'=> 'application/json'));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
Hello,
Thank you for that information. It looks like you are building your authorization header to have braces { } around your access token. These are not needed, so you should build your header like this:
curl_setopt($ch, CURLOPT_HTTPHEADER, array('authorization'=>'Bearer '.$access_token));
Please give that a try and let us know how that works.
Regards,
David B.
Tier II API Support Engineer
The API documentation has the braces in the code examples so I wasn't sure. Tried it both ways however with the same result,
string(59) "{"error_key":"unauthorized","error_message":"Unauthorized"}"
https://v3.developer.constantcontact.com/api_guide/contacts_create.html
Hello,
What scope are you using in your OAuth authorization flow?
Regards,
David B.
Tier II API Support Engineer
Hello Sir
I am facing same issue. And I am using this scope "contact_data+campaign_data". When I try to get all lists it gives me error "{"error_key":"unauthorized","error_message":"Unauthorized"}". Even If I try to get access token info with following code:
$base = 'https://api.cc.email/v3/token_info';
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $base,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "",
CURLOPT_HTTPHEADER => array(
"Authorization: Bearer {MY ACCESS TOKEN}",
"token: {MY ACCESS TOKEN}",
"cache-control: no-cache",
"Content-Type: application/json"
),
));
It gives same error "{"error_key":"unauthorized","error_message":"Unauthorized"}"
Now I can get the token info and token info display this scope "{"scopes":["contact_data","campaign_data"]}"
But when I am trying to fetch list it still give me error "{"error_key":"unauthorized","error_message":"Unauthorized"}"
This is my code:
$base = 'https://api.cc.email/v3/contacts?lists=68';
$ch = curl_init($base);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'accept' => 'application/json',
'authorization' => 'Bearer '.$access_token,
'cache-control' => 'no-cache',
'content-type' => 'application/json',
));
// Submit the POST request
$result = curl_exec($ch);
// Close cURL session handle
curl_close($ch);
print_r($result)
Hello MrRoyo,
Thank you for reaching out to Constant Contact API Developer Support, and for your patience. My team is here to assist outside software developers with questions about building into Constant Contact's API.
It looks like we're working with you directly via email regarding your inquiry, but I wanted to close the loop here as well. If you haven't received our reply, please let us know via email at webservices@constantcontact.com, and reference case number 28232085.
I am also having this issue
string(59) "{"error_key":"unauthorized","error_message":"Unauthorized"}"
Hello user158539,
Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
Based on our system logs for the API key that has most recently connected with the account that you are posting from, I found quite a few responses which indicated that the authorization code might not be getting exchanged for the first Access Token and Refresh Token set within the 60 second timeframe before it expires.
When going through the V3 API OAuth Server Flow, the Authorization Code from steps 2 and 3 only has a lifespan of 60 seconds, and needs to be exchanged for your first token set within that timeframe or you will need to generate another. Until you get your first set of tokens to authenticate the connection, you will not be able to make successful calls to the API.
V3 API OAuth2.0 Server Flow
https://v3.developer.constantcontact.com/api_guide/server_flow.html
If you feel that my reply was not a good fit for your inquiry, please feel free to email our team directly at webservices@constantcontact.com and provide us with the API key you are using, the username for the Constant Contact account you are connecting with, so that we can look into the issue with you further.
Please have a look and let us know if you have any other questions!
Announcements
Join our list to be notified of new features and updates to our V3 API.
Sign Up