Enter the Share Your Success Sweepstakes 2024 For the Chance to Win Great Prizes!

Device Flow Refresh Token

SOLVED
Go to solution
user463795
Campaign Contributor
0 Votes

Hi All,

 

Is refresh token supported in device flow? When authorizing using device flow,  the API response have a refresh token but when I checked the API docs it is not stated on how to generate new access token using a refresh token (Device Flow)

 

Thank you.

1 ACCEPTED SOLUTION
John__B
Employee

Hello user463795,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

I can confirm that refresh tokens are supported with the Device authorization flow. Below I’m including instructions on how to utilize them. These steps have not yet been added to the Device flow documentation but we hope to have them added soon:

 

Assuming that the offline_access scope is verified in your authorization request, you will receive a refresh_token along with an access_token in your token request. The refresh_token will only expire after 180 days if never used. You can exchange the refresh_token for a new token set once the access_token expires with the following method:

 

Send a POST request to the https://authz.constantcontact.com/oauth2/default/v1/token endpoint with the following query parameters and header.


Query Parameters:

refresh_token (value = your refresh token)

grant_type (value = refresh_token)

client_id (value = your client_id)


Header:

Content-Type: application/x-www-form-urlencoded


Please have a look and let us know if you have any other questions!

 

Regards,


John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

View solution in original post

2 REPLIES 2
John__B
Employee

Hello user463795,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

I can confirm that refresh tokens are supported with the Device authorization flow. Below I’m including instructions on how to utilize them. These steps have not yet been added to the Device flow documentation but we hope to have them added soon:

 

Assuming that the offline_access scope is verified in your authorization request, you will receive a refresh_token along with an access_token in your token request. The refresh_token will only expire after 180 days if never used. You can exchange the refresh_token for a new token set once the access_token expires with the following method:

 

Send a POST request to the https://authz.constantcontact.com/oauth2/default/v1/token endpoint with the following query parameters and header.


Query Parameters:

refresh_token (value = your refresh token)

grant_type (value = refresh_token)

client_id (value = your client_id)


Header:

Content-Type: application/x-www-form-urlencoded


Please have a look and let us know if you have any other questions!

 

Regards,


John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
user463795
Campaign Contributor
0 Votes

Thanks!

Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up