Does anyone have any examples on setting up the OAuth flow using postman? I've tried probably a dozen different ways to setup to process, and still come back to the same couple of errors.
Using these settings produces a vague "invalid_request" error:
However using these settings gives this error:
Error: Cannot supply multiple client credentials. Use one of the following: credentials in the Authorization header, credentials in the post body, or a client_assertion in the post body.
Wondering if I am missing some really obvious detail.
Hello @KatherineG1840,
Please note that Postman is not built or supported by Constant Contact, so we are limited in the support we can provide, but will try to answer any questions to the best of our ability.
The "invalid_request" error you're encountering when using the Implicit Flow is due to the lack of the required nonce parameter. Postman doesn't appear to offer a dedicated field for this parameter; I was able to find the following open feature request, asking them to add one: OAuth2 supporting a nonce for the auth URL. A workaround would be to manually append the nonce parameter to the authorization endpoint URL:
Regarding the error you encountered when using the Authorization Code Flow, you'll notice that our token endpoint expects the authorization_code as a query parameter & your app's credentials in the Authorization header. Postman is sending the authorization_code in the request body, and I was unable to locate an option within Postman to send it as a query parameter instead.
I was able to successfully obtain an access token by switching Postman's Client Authentication option from "Send as Basic Auth header" to "Send client credentials in body", however this isn't a documented, supported method of using our token endpoint, so I can't guarantee this will always be a viable workaround. I'd recommend contacting Postman's support to check if they offer a way to send the authorization_code as a query parameter.
Please let us know if you have any questions!
Regards,
Announcements
Join our list to be notified of new features and updates to our V3 API.
Sign Up