Enter the Share Your Success Sweepstakes 2024 For the Chance to Win Great Prizes!

Using new Oauth2 endpoint to get Access Token--400 error

SegmintD
Brand Influencer

So far in our Constant Contact integration, we have been successful with the older 'idfed' Oauth2 endpoint for retrieving access tokens with a POST.   However, during the maintenance outage yesterday learned that we had to switch to use a new 'authz' endpoint by March 31st, very surprising to hear of this.

 

So far, in trying to adapt to using the new 'auth' endpoint, we get 400 errors in testing.

 

I have this POST:

https://authz.constantcontact.com/oauth2/default/v1/token?code=AUTHCODE&redirect_uri=URI&state=STATE...&nonce=NONCE_ENCODED_VALUE&grant_type=authorization_code

 

(the UPPERCASE values hide the actual values)

 

to which the response is a 400 error.

  data: {

      errorCode: 'E0000021',

      errorSummary: 'Bad request.  Accept and/or Content-Type headers likely do not match supported values.',

      errorLink: 'E0000021',

      errorId: 'oaeEf5o-pigQ0Cqtj6gey4rCA',

      errorCauses: []

    }

 

Looking at the message about the Accept or Content-Type headers, I checked what was being sent:

 'Accept: application/json, text/plain, */*\r\n' +

 'Content-Type: application/json;charset=utf-8\r\n' +

 

Note that these values for Accept and Content-Type headers are unchanged from what was being sent to the old 'idfed' endpoint.

The only changes to the new endpoint were copying the API Key and getting a new client secret per the instructions on migrating to the new endpoints, encoding these in the Authorization header, changing the URL and adding the state and nonce query parameters. 

 

Any thoughts on what might be the issue? 
I've been following these instructions:  

       

 

5 REPLIES 5
HeidiS146
Constant Contact Partner
0 Votes

I am experiencing the exact same issue and was also very surprised to hear of this sudden change. Please share if you make any headway.

Thanks!

WCCGoldenApple
Brand Visionary
0 Votes

I had a similar problem.  Turns out you used to need to URL encode the + symbol that separated the scopes using %2B, but now you just need to use the actual + sign.  Someone else pointed this out to me.  Just passing it on.  CC support has been less than helpful here with an obvious error in their API that should have been fixed long ago.  API should take either %2B or +.

 

John__B
Employee
0 Votes

Hello SegmintD, HeidiS146 &WCCGoldenApple,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

I can confirm that the Content-Type header did change with the update to our new authorization service. For POST requests to the https://authz.constantcontact.com/oauth2/default/v1/token endpoint, the Content-Type header value should be: “application/x-www-form-urlencoded”. 

 

The Accept header value for this request should be: “application/json”.

 

Examples of both headers can be found under the Example Request section of step 4 (Get the Access token and Refresh token) on the Authorization Code documentation which I’ll link to below.

 

Get the Access and Refresh Token:

https://v3.developer.constantcontact.com/api_guide/server_flow.html#step-4-get-the-access-token-and-...

 

Please have a look and let us know if you have any other questions!

 

Regards,


John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
HeidiS146
Constant Contact Partner
0 Votes

I added the headers but it did not resolve the issue for me.

Courtney_E
Moderator
0 Votes

Hello HeidiS146,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

It looks like we're already working with you directly via email, but I wanted to close the loop here as well. If you haven't received our reply, please let us know via email at webservices@constantcontact.com, and reference case number 29664639.


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up