Constant Contact does support the use of OAuth authentication, which you can read more about here. Unfortunately we do not have any .NET samples at this time, but it is something we are looking to do in the very near future. If you would like to send your code over to our webservices support team we would be happy to take a look and see if we can assist in resolving this.
What is client certificate? Do we need to download from constant contact web site, in order to use OAUTH mechanism, to request for unauthorized request token over SSL for the below url.
I am sorry, I do not understand what you mean by 'client certificate'. When obtaining an unauthorized request token, the only data that you need from Constant Contact is your API Key and Consumer Secret. The rest of the parameters that need to be included can be created through many OAuth Libraries and are not given by Constant Contact. The full list of parameters for this request can be found here, and they are:
oauth_callback - URL to which our service should redirect the user after authorizing the request token. Specify "oob" if there is no callback url (ie, desktop application)
oauth_consumer_key - Your API Key
oauth_nonce - A random string (see tools.ietf.org/html/rfc5849#page-17 for more details)
oauth_signature_method - We only support "HMAC-SHA1"
oauth_timestame - Timestamp of the request, expressed in the number of seconds since January 1, 1970 00:00:00 GMT
oauth_version - Should be set to 1.0 (This is the value that should be sent per OAuth 1.0a spec)
oauth_signature - A string value that is a signature of your request signed using your application's consumer secret (for more information see tools.ietf.org/html/rfc5849#page-18)