Support for OAuth Authentication Retracted. Please Use Basic Authentication.

DaveBerard
Employee
0 Votes

Due to a security vulnerability acknowledged by the OAuth community, Constant Contact is retracting support for OAuth Authentication. API adopters should adopt Basic Authentication over HTTPs.



You can read more on the Basic Authentication model here.



We acknowledge and apologize for the impact this could have on developers currently building applications. We believe this action is in the best interests of our Constant Contact account holders and in the best interest of our API adopters (It appears likely that the security vulnerability will require coding changes on the part of both Constant Contact and any OAuth adopters. Since our OAuth implementation is quite new, few OAuth based implementations have been deployed - and hence it is our hope and belief that changing models now is the most expedient - and secure - approach).



If you are interested in more information on the nature of the OAuth security vulnerability, please see the OAuth security advisory, here.

Thanks,

Dave Berard
Senior Product Manager, Constant Contact
1 REPLY 1
SteveJ286
Campaign Collaborator

This post is out of date and should be removed.

Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up

Polls
How confident are you about the effectiveness of your current marketing strategy?

Top Choice: Not confident at all (62%)