Which OAuth2 for Internal Server App?

I'm new to CC Api.

I'll looking to connect our internal web-app to Constant Contact data using the api.

Our web-app will be running cron jobs from our server...so login page prompts are not possible.

 

The application process is asking me to choose:

  • Authorization Code Flow and Implicit Flow
  • Proof Key for Code Exchange (PKCE) Flow
  • Device Authorization Flow

And:

  • Rotating Refresh Tokens
  • Long Lived Refresh Tokens

I will be using cron jobs to periodically pull data from the cc api.

 

Which of the methods listed above is most suitable for this?

 

Thanks

3 replies

Leaderboard