I am currently developing web api c# using v3 api but when I tried to access the request url from other machine it always ask for login
We are trying to use one account for many user.
We created an api to create email contact using access token
Goal is to prevent user to login if the web app access the request url already set allow access
I actually just this for PHP. You can find it here PHPFUI\ConstantContact Basically had the same problem, but came up with a reasonable solution. Check out the readme, but essentially you need to make your user authenticate the app, then you save off the tokens and do a periodic token refresh. The token should then not expire.
Also the library is generated off the YAML file and updated nightly. So any change to the YAML file produces a new version of the library, so it is always 100% up to date with the API schema. There is a Generator class that writes out the appropriate PHP files. Since PHP and C# are very similar (Java or C++ type languages), it should be very easy to port this library to C#.
Feel free to copy the design. Enjoy!
My name is Caleb and I am a member of Constant Contact's API Developer Support Team.
When using the authorization URL a user will always be prompted to login to the account they would like to grant the application access to unless that user is currently logged into a Constant Contact account that has previously authorized the application. Typically this action only occurs when first using a new integration as once they have provided permission for the application to make changes to the account the application will have an access token to make calls with.
In your circumstance, you are attempting to re-authorize the application on your new system which did not have a Constant Contact account logged in, this prompted the request to login to the account and authorize the application again. Once the user has authorized the application on their machine you should be able to prevent them from needing to re-login by keeping the tokens refreshed.
Additionally, if you are connecting to Constant Contact as the same user on both systems without sharing your token information you will find that the two instances of the application will invalidate the other's tokens. To prevent this issue there will be a couple of different solutions. The optimal solution to this issue would be to share the token information over a shared server which would allow the application to always stay authenticated and would prevent the need for the users to login when signing in on a new machine. If this option is not available you will then want to either have each instance of the application use a new API key or you will want to sign into the Constant Contact account using a different users login information for each instance as the access token is unique to the user which signed in.
Moving forward, once the application has been authorized you will then want to have your application keep itself authorized with the account by utilizing the the refresh token found in step 5 of the OAuth 2.0 Server Flow. Below I have linked to the documentation which covers this as well as a link to how to keep these tokens active.
OAuth 2.0 Server Flow:
Extending the Life of Tokens: