I'm using OAuth to authenticate in a three-legged scenerio. I'm able to receive the access token and secret, but I'm confused about the last part. Step 4 says "Now you can call any Constant Contact REST based API using OAuth." My problem is that all of the API documentation shows making calls to urls that include the username, but I don't have the username. Best I can tell there isn't an api call I can make to get the username either. Services like twitter solve this problem by passing back the username along with the access token.
So my questions boils down to:
Is there a way to make calls to the api without a username?
And if not . . .
Is there a way to get the username from the API?
I did some testing and I do see that if you do not know the username already, you would have to ask for it, on top of them having to put it in for the OAuth access token authentication.
I spoke with our developers on this issue and they also agree that this is something that should be implemented. I am going to put a request in and they are going to look into implementing this.
If you have any questions about this issue, please let me know.
Has this issue been resolved yet? I don't understand how to use the API for an integration with this.
For example, I want the user to use oauth2 with constant contact and then I'll show him his contact lists so he can select one to use with my application. But according to this thread I need to not only get them to log into constant contact through oauth2 but then ask for their username again? This doesn't seem right. Can't you pass back the username with the token?
We are aware of the issue and are working to resolve it. The best work around available is get the username in a text box and pass it through the post or store into a session. I understand that this is not the most user-friendly but it is a work around and we are looking into a fix to get the username returned.
Please let me know if this helps.
OAuth 1.0/2.0 can be used for any integration you would like. Given the ease of using OAuth 2.0, it is highly recommended that you use this method of authentication for integrations. You can alternatively use Basic authentication as well.