I was invited to an Organization belonging to my client so that I could fix an authentication issue relating to new authorization service.
I noticed that I could not see their Application on my "My Applications" page but I was able to create one, and it is working.
Will anything break when my client revokes my access to their organization? Will I continue to be able to login to see My Applications even though I do not have a Constant Contact Subscription?
Secondly, since I authenticated their application with my own credentials, will the access token & refresh token stop working once they remove me from the organization, and they will need to re-authenticate with a valid user at that time?
Solved! Go to Solution.
Hello JFT416,
Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
In the developer side of the website, keys can only be accessed by the user that generated them. If the key was created under a sub-user role, there are a few things to keep in mind:
Deleting the user that generated the key will not deactivate the key itself, but you will no longer be able to access/manage the key. This means that they can no longer generate a new app secret if they ever need to re-authorize the connection with the application.
Additionally, if access to the application was granted via that user, deleting the user will delete any permissions that were granted to the key by that account.
Due to this, we recommend that keys are generated and access is granted by the Account Owner user if/when possible.
Please have a look and let us know if you have any other questions!
Hello JFT416,
Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
In the developer side of the website, keys can only be accessed by the user that generated them. If the key was created under a sub-user role, there are a few things to keep in mind:
Deleting the user that generated the key will not deactivate the key itself, but you will no longer be able to access/manage the key. This means that they can no longer generate a new app secret if they ever need to re-authorize the connection with the application.
Additionally, if access to the application was granted via that user, deleting the user will delete any permissions that were granted to the key by that account.
Due to this, we recommend that keys are generated and access is granted by the Account Owner user if/when possible.
Please have a look and let us know if you have any other questions!
Announcements
Join our list to be notified of new features and updates to our V3 API.
Sign Up