Do the old OAuth tokens become invalid when new ones are issues?

user942713
Occasional Participant

Do the old OAuth tokens become invalid when new ones are issues?

I am a developer for poptin.com and I am working on an integration with Constant Contact. I am using OAuth to authenticate with your platform. But there seems to be an issue, when the user authorizes a second time, the tokens that were issued on the  first time become invalid. This doesn't happen with OAuth on other platforms. Is this a security thing? In Poptin, the client can choose to connect the Constant Contact integration in a few places, but as soon as they will try to authenticate and connect in multiple places, old integrations will stop working. How to work around this? Is there a way there to make the authentication work with multiple tokens?

3 REPLIES 3
Amy_Y
Employee

Hi, For our API team, please reach to webservices@constantcontact.com. You should receive a response within one business day depending on time of day and volumes. Thank you!


Amy Y.
Community & Social Media Support

Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

You're not alone on your email marketing journey. Connect with a Marketing Advisor to see how they can help you develop the right
strategy for your business and get the most out of your Constant Contact experience.

it would help other developers if an answer to the OP's question was posted in this same thread.

Stephen_T
Moderator

Hello @user942713,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

When it comes to Access Tokens they do expire/overwrite after a certain amount of time or when a user generates a new Access Token depending on which API version they're using. This was implemented as a security measure, if you need multiple Access Tokens on an account for our V2 API the only workaround at this time would be to have multiple users on the account that way they can all have a separate Access Tokens. Our V3 API on the other hand does not offer static Access Tokens as they expire every 2 hours. Just in case, below are links to documentation on Access Tokens for both our V3 and V2 APIs.

 

V3 API (Expires)
https://v3.developer.constantcontact.com/api_guide/client_flow.html#step-3-retrieve-the-access-token

 

V2 API (Overwrites)
https://v2.developer.constantcontact.com/docs/authentication/authentication.html

 

Please reply directly to this post if you have any other questions!

 

Regards,


Stephen T.
API Support Engineer
Did I answer your question? If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

You're not alone on your email marketing journey. Connect with a Marketing Advisor to see how they can help you develop the right strategy for your business and get the most out of your Constant Contact experience.
Developer Portal

View API documentation, code samples, get your API key.

Visit Page