The Community is hosting an End of Summer sweepstakes! Participants must complete tasks to earn tickets that will enter them with a chance to win a free year of Constant Contact and other great prizes!*
*No Purchase Necessary. For Official Rules, visit here. Constant Contact’s End of Summer 2020 Sweepstakes ends on October, 20, 2020 at 11:50 PM EST.

Access Token Issue

Highlighted
Occasional Participant

Access Token Issue

Hello,

Do the user always have to redirect to the constant contact url i.e. https://oauth.constantcontact.com/ws/oauth_login to Grant Access ? Or is their a way to save token info for future uses without being redirect to oauth_login URL always. So that we can use that token info for accessing web service API's without the user to redirect to oauth URL always.

Any help will be appreciated.


Regards

Priyavrat

Priyavrat

8 REPLIES 8
Highlighted
Employee

Re: Access Token Issue

Once you have been granted an access token from Constant Contact, you should be able to store the access token and secret and use those to make future requests on behalf of that user without having to go through the entire OAuth authentication process again. You would still need to pass in other information with the request as described in http://developer.constantcontact.com/Oauth - but this can all be done on your end without requiring authorization from the user.


 


I hope this answers your question, if not please let me know and I will be happy to help. Thanks!

David J

Highlighted
Participant

Hello, What is the token

Hello,


What is the token secret that should be used when obtaining unauthorised request token from the constant contcat provider.


I am getting 401 unauthorized. and the below error.


HTTP Status 401 - Invalid signature for signature method HMAC-SHA1


while going through the documentation of oauth, it is saying that the consumer secret key is contacted with token secret, my question is when i am requesting for unauthroized request token i don't have token secret. my request url is as followos.


https://oauth.constantcontact.com/ws/oauth/request_token?oauth_callback=xxxxxxx.aspx&oauth_consumer_...


Please let me know if any one has resolved this issue.


 


 

Highlighted
Employee

Re: Hello, What is the token

The token secret that would be used is the 'Consumer Secret' that you can find by logging in at Api Keys. You can login here with your normal Constant Contact username and password, and this will give you your Api key and consumer secret needed for OAuth authentication.

David J

Highlighted
Participant

 Hello, i am still getting

 Hello, i am still getting the error given below.


HTTP Status 401 - Invalid signature for signature method HMAC-SHA1


may i know exactly where i am going wrong.


Dear Priyavrat,


Have you able to get the unauthorized request token, i am not able to complete the first success i mean getting unauthorized request token from constant contact, i you have can you post the code here i am working with c# and asp.net

Highlighted
Employee

Re: Hello, i am still getting

Unfortunately we do not have any pre-written C#/ASP.NET samples for OAuth at this time, but it is something we are looking to come out with in the near future. In the mean time, if you would be able to post your code in reply to this post or email it to our webservices support team we would be happy to take a look at this and see what suggestions we can offer.

David J

Highlighted
Participant

Hello, The documentation in

Hello,


The documentation in the below url path says that "you should use the POST method when accessing this URL and always use SSL."


http://developer.constantcontact.com/Oauth


Does it mean that we have generate the SSL certificates, or need to buy any thrid party certificates, how can we know that constant contact is using which certificate, please let me know further on this.


 


 

Highlighted
Participant

Hello, What SSL constant

Hello,


What SSL constant contact is using, what certificate should the application developers use when using OAUTH mechanism.


please let me know.


 

Highlighted
Moderator

There is no need to buy SSL

There is no need to buy SSL certificates, HTTPS management should be done automatically for you by your development platform and library of choice.  The key to getting this done is simply to set your request to HTTPS instead of HTTP.  If you're receiving any errors, it is likely caused by a setting in your library/language or an actual code error.


 


If you're continuing to have verification errors, it would be best to post the full error message and the code you're running.  You can also send it on to our webservices support team

Dave Berard
Senior Product Manager, Constant Contact
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Constant Contact 2020 End of Summer Community Sweepstakes!

The Constant Contact User Community is hosting a sweepstakes. The more you participate, the more chances you have to win! Read on to learn more...

Read More
Featured