I'm looking to write a script to automate a few tasks with just a single connection with no user interaction.
I can generate the authorization url, and when I do Postman does show me the CC login prompt. However, I don't want to have to log in via a web page to grant access each time I run this script. I know with the v2 API there was a way to just use the access token given through the site along with the client id and secret, but there doesn't seem to be a way to do that in v3. I am fine even with having to use my user credentials to log in somewhere if I knew how to push those credentials within the script to receive the proper authorization code back. It doesn't make sense to try to generate a refresh token as I would have to store the new one somewhere each time I run this script (either scheduled or manually).
I thought it made more sense to do this with v3, since I assume that v2 will be deprecated at some point but otherwise this seems like it is more trouble than it's worth. I also don't understand why there is not a flow for this as it seems like a rather common thing to need to access the endpoints programmatically without needing a web interface.
I am also interested in signing in without a web sign in. It does not make sense to me that I can't. I'm trying to manage my own contacts, list and email delivery via my own services, no UI.
Thank you for reaching out to Constant Contact's API Support.
We are looking in to other options to authenticate. As of right now you will need to go through the oAuth flow listed in the v3 documentation to get the Access Token and Refresh Token. Please keep in mind the need to enter the Constant Constact username/password and clicking Allow/Deny only occurs once. After you do that you just need to track/save the Access and Refresh Tokens.
I am looking to do some of my own automation. This would be a case where there is not a user, there is not a browser to allow the access. OAuth2 is great when you have a user doing the work and using a browser. When you do not have this, it does not work very well.
This is the first time I've checked this thread in awhile. Disappointing they still have done nothing with this apparently, since it seems like a very common use case.