cancel
Showing results for 
Search instead for 
Did you mean: 
Happy Turkey Day! In recognition of Thanksgiving our Support office will be closed Thursday (11/23). We will be open Friday (11/24) for limited hours (10:00am - 6pm ET) and will be back to normal hours on Monday (11/27).

OAuth Authentication, 2-legged, with C#/ASP.NET. Gets a 401 when I try to get the token -- code included

Highlighted
Participant

Hello All, Is constant

Hello All,


Is constant contact supporting OAUTH mechanism.


 

CTCT Employee

Re: Hello All, Is constant

Constant Contact does support the use of OAuth authentication, which you can read more about here. Unfortunately we do not have any .NET samples at this time, but it is something we are looking to do in the very near future. If you would like to send your code over to our webservices support team we would be happy to take a look and see if we can assist in resolving this.

David J

Participant

Hello, What is client

Hello,


What is client certificate?  Do we need to download from constant contact web site, in order to use OAUTH mechanism, to request for unauthorized request token over SSL for the below url.


https://oauth.constantcontact.com/ws/oauth/request_token

 

CTCT Employee

Re: Hello, What is client

I am sorry, I do not understand what you mean by 'client certificate'. When obtaining an unauthorized request token, the only data that you need from Constant Contact is your API Key and Consumer Secret. The rest of the parameters that need to be included can be created through many OAuth Libraries and are not given by Constant Contact. The full list of parameters for this request can be found here, and they are:


 


oauth_callback - URL to which our service should redirect the user after authorizing the request token. Specify "oob" if there is no callback url (ie, desktop application)


 


oauth_consumer_key - Your API Key


 


oauth_nonce - A random string (see tools.ietf.org/html/rfc5849#page-17 for more details)


 


oauth_signature_method - We only support "HMAC-SHA1"


 


oauth_timestame - Timestamp of the request, expressed in the number of seconds since January 1, 1970 00:00:00 GMT


 


oauth_version - Should be set to 1.0  (This is the value that should be sent per OAuth 1.0a spec)


 


oauth_signature - A string value that is a signature of your request signed using your application's consumer secret (for more information see tools.ietf.org/html/rfc5849#page-18)

David J

Still need help?
You can post a new message in the Community or find us on Twitter Mon-Fri 8am - 8pm ET. We've got real people waiting to help you out. Click below to start a conversation!
Loading script asynchronously