Community Home
Resources
Events & Webinars
Learn
Groups
Product Ideas
Got a 'How do I' question? Join 'Ask a Trainer' Monday to Friday, 11am to 4pm ET for instant help and pro tips!
Join

Using new Oauth2 endpoint to get Access Token--400 error

SegmintD
Brand Influencer
‎03-23-2022 05:29 PM
‎03-23-2022 05:29 PM

So far in our Constant Contact integration, we have been successful with the older 'idfed' Oauth2 endpoint for retrieving access tokens with a POST.   However, during the maintenance outage yesterday learned that we had to switch to use a new 'authz' endpoint by March 31st, very surprising to hear of this.

 

So far, in trying to adapt to using the new 'auth' endpoint, we get 400 errors in testing.

 

I have this POST:

https://authz.constantcontact.com/oauth2/default/v1/token?code=AUTHCODE&redirect_uri=URI&state=STATE...&nonce=NONCE_ENCODED_VALUE&grant_type=authorization_code

 

(the UPPERCASE values hide the actual values)

 

to which the response is a 400 error.

  data: {

      errorCode: 'E0000021',

      errorSummary: 'Bad request.  Accept and/or Content-Type headers likely do not match supported values.',

      errorLink: 'E0000021',

      errorId: 'oaeEf5o-pigQ0Cqtj6gey4rCA',

      errorCauses: []

    }

 

Looking at the message about the Accept or Content-Type headers, I checked what was being sent:

 'Accept: application/json, text/plain, */*\r\n' +

 'Content-Type: application/json;charset=utf-8\r\n' +

 

Note that these values for Accept and Content-Type headers are unchanged from what was being sent to the old 'idfed' endpoint.

The only changes to the new endpoint were copying the API Key and getting a new client secret per the instructions on migrating to the new endpoints, encoding these in the Authorization header, changing the URL and adding the state and nonce query parameters. 

 

Any thoughts on what might be the issue? 
I've been following these instructions:  

       

 

5 REPLIES 5
HeidiS146
Constant Contact Partner
Constant Contact Partner
‎03-24-2022 11:15 AM
0 Votes
‎03-24-2022 11:15 AM

I am experiencing the exact same issue and was also very surprised to hear of this sudden change. Please share if you make any headway.

Thanks!

WCCGoldenApple
Brand Visionary
‎03-30-2022 11:14 AM
0 Votes
‎03-30-2022 11:14 AM

I had a similar problem.  Turns out you used to need to URL encode the + symbol that separated the scopes using %2B, but now you just need to use the actual + sign.  Someone else pointed this out to me.  Just passing it on.  CC support has been less than helpful here with an obvious error in their API that should have been fixed long ago.  API should take either %2B or +.

 

John__B
Employee
Employee
‎03-31-2022 03:16 PM
0 Votes
‎03-31-2022 03:16 PM

Hello SegmintD, HeidiS146 &WCCGoldenApple,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

I can confirm that the Content-Type header did change with the update to our new authorization service. For POST requests to the https://authz.constantcontact.com/oauth2/default/v1/token endpoint, the Content-Type header value should be: “application/x-www-form-urlencoded”. 

 

The Accept header value for this request should be: “application/json”.

 

Examples of both headers can be found under the Example Request section of step 4 (Get the Access token and Refresh token) on the Authorization Code documentation which I’ll link to below.

 

Get the Access and Refresh Token:

https://v3.developer.constantcontact.com/api_guide/server_flow.html#step-4-get-the-access-token-and-...

 

Please have a look and let us know if you have any other questions!

 

Regards,


John B.
API Support Specialist
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
HeidiS146
Constant Contact Partner
Constant Contact Partner
‎03-31-2022 03:43 PM
0 Votes
‎03-31-2022 03:43 PM

I added the headers but it did not resolve the issue for me.

Courtney_E
Moderator
Moderator
‎04-07-2022 04:45 PM
In response to HeidiS146
0 Votes
‎04-07-2022 04:45 PM

Hello HeidiS146,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

It looks like we're already working with you directly via email, but I wanted to close the loop here as well. If you haven't received our reply, please let us know via email at webservices@constantcontact.com, and reference case number 29664639.


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up