Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
Our V3 API’s Access Tokens have a maximum lifespan of 24 hours. The V3 API’s Refresh Tokens have 2 options. The first and most secure option is Rotating Refresh Tokens. Rotating Refresh Tokens will expire after 180 days if never used. Once used to refresh the Access Token, you will receive a new Refresh Token value. The second option is Long Lived Refresh Tokens. Long Lived Refresh tokens never expire and the same Refresh Token value is used continuously to refresh the Access Token once it has expired. Both of these options are configured under the “OAuth2” tab of your API key in the Developer portal. For additional information, I’m including overview documentation on our available OAuth2 authorization flows below.