We all started somewhere! Share your experience on the Get Advice: Let's Get Started Sweepstakes thread and be entered to win a $100 credit on your Constant Contact account.

Access Token Issue

pvnarula
Regular Participant

Access Token Issue

Hello,

Do the user always have to redirect to the constant contact url i.e. https://oauth.constantcontact.com/ws/oauth_login to Grant Access ? Or is their a way to save token info for future uses without being redirect to oauth_login URL always. So that we can use that token info for accessing web service API's without the user to redirect to oauth URL always.

Any help will be appreciated.


Regards

Priyavrat

Priyavrat

8 REPLIES 8
David_J
Employee

Once you have been granted an access token from Constant Contact, you should be able to store the access token and secret and use those to make future requests on behalf of that user without having to go through the entire OAuth authentication process again. You would still need to pass in other information with the request as described in http://developer.constantcontact.com/Oauth - but this can all be done on your end without requiring authorization from the user.


 


I hope this answers your question, if not please let me know and I will be happy to help. Thanks!

David J

sb_sivakumar
Regular Participant

Hello,


What is the token secret that should be used when obtaining unauthorised request token from the constant contcat provider.


I am getting 401 unauthorized. and the below error.


HTTP Status 401 - Invalid signature for signature method HMAC-SHA1


while going through the documentation of oauth, it is saying that the consumer secret key is contacted with token secret, my question is when i am requesting for unauthroized request token i don't have token secret. my request url is as followos.


https://oauth.constantcontact.com/ws/oauth/request_token?oauth_callback=xxxxxxx.aspx&oauth_consumer_...


Please let me know if any one has resolved this issue.


 


 

David_J
Employee

The token secret that would be used is the 'Consumer Secret' that you can find by logging in at Api Keys. You can login here with your normal Constant Contact username and password, and this will give you your Api key and consumer secret needed for OAuth authentication.

David J

sb_sivakumar
Regular Participant

 Hello, i am still getting the error given below.


HTTP Status 401 - Invalid signature for signature method HMAC-SHA1


may i know exactly where i am going wrong.


Dear Priyavrat,


Have you able to get the unauthorized request token, i am not able to complete the first success i mean getting unauthorized request token from constant contact, i you have can you post the code here i am working with c# and asp.net

David_J
Employee

Unfortunately we do not have any pre-written C#/ASP.NET samples for OAuth at this time, but it is something we are looking to come out with in the near future. In the mean time, if you would be able to post your code in reply to this post or email it to our webservices support team we would be happy to take a look at this and see what suggestions we can offer.

David J

sb_sivakumar
Regular Participant

Hello,


The documentation in the below url path says that "you should use the POST method when accessing this URL and always use SSL."


http://developer.constantcontact.com/Oauth


Does it mean that we have generate the SSL certificates, or need to buy any thrid party certificates, how can we know that constant contact is using which certificate, please let me know further on this.


 


 

sb_sivakumar
Regular Participant

Hello,


What SSL constant contact is using, what certificate should the application developers use when using OAUTH mechanism.


please let me know.


 

DaveBerard
Moderator

There is no need to buy SSL certificates, HTTPS management should be done automatically for you by your development platform and library of choice.  The key to getting this done is simply to set your request to HTTPS instead of HTTP.  If you're receiving any errors, it is likely caused by a setting in your library/language or an actual code error.


 


If you're continuing to have verification errors, it would be best to post the full error message and the code you're running.  You can also send it on to our webservices support team

Dave Berard
Senior Product Manager, Constant Contact
Developer Portal

View API documentation, code samples, get your API key.

Visit Page