Got a 'How do I' question? Join 'Ask a Trainer' Monday to Friday, 11am to 4pm ET for instant help and pro tips!

oAuth 2.0 and API V3.0 general questions

ChrisC37
Marketing Legend
0 Votes

Hello David and team at CC.  It's been a while.

 

We are currently wanting to upgrade our CC integration in our product from API V1.0 to API V3.0.  In reviewing the requirements, it appears many things have changed.  

 

To review, our product is a desktop app written in vs.net that gets installed at our customer's location.

 

First, it appears that they (our customers) will no longer use their CC login name and password to access to their data.  Rather each customer would have to generate and input their own specific api key and secret key.  Is this correct?

 

Second, it appears that requests and responses formatted in Xml are no longer supported.  Is this correct?

 

Thanks.

 

 

2 REPLIES 2
Jimmy_D
Employee
0 Votes

Hi @ChrisC37,

 

The XML part is correct; we now use JSON format.

 

For the other question the answer is no. You would create an API Key and then use the oAuth flow so that your customers can generate an Access Token. We have two different oAuth flows; based on how you described your old application I would suggest the client flow as it is designed for a desktop application.

https://v3.developer.constantcontact.com/api_guide/client_flow.html


Regards,
Jimmy D.
Tier II API Support Engineer
ChrisC37
Marketing Legend
0 Votes

Thank you for your reply:

 

So I'm a little confused.  On the oAuth 2.0 Client Flow:  Since the Client_id (API Key) and Secret key belong to my registered application, how does my application know who's Constant Contact account it's logging into? 

 

My application is installed at many different locations for different customers with different Constant Contact accounts.  Previously, with API V1.0 we would use the account's login name and password.  There is nothing that I'm sending that is unique to a specific Constant Contact Account.  Please keep in mind that this is a Winforms application.  Not a web app.  There are no web pages involved.  I issue a request in code and receive a response.  What dark magic are you using to where my app knows who's Constant Contact account it's attempting to access?   

 

Thanks.

 

Chris

Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up