I don't understand the API v3 flow

NCPC_DC
Occasional Participant

I don't understand the API v3 flow

From what I have been able to gather from reading and a little testing, the v3 API requires contacts to log into a Constant Contact account to grant permission to the application before they can sign up - is that correct?

 

In all the examples I have seen, there is an api_key, a token, and a redirect URI, but even though I created a secret key, it is not used - again from the examples I have seen. The authorization URI looks like this: "https://api.cc.email/v3/idfed?client_id={your_client_id}&redirect_uri=https%3A%2F%2Flocalhost%3A8888... but this takes the user (new contact) to the Constant Contact sign in page. 

 

This makes no sense to me, why would a new contact need to have a Constant Contact account -  and what is that secret key for if it is not used in the authentication? Or, am I missing something?

 

Any advice would be greatly appreciated,

Steve

1 REPLY 1
Courtney_E
Moderator

Thank you for reaching out to Constant Contact API Developer Support and for your patience. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

When, for example, adding contacts to a list from a custom sign-up form app, the "user" referred to in the OAuth Server Flow would be the owner of the website who is setting up the form, as opposed to the contacts filling out the form. The owner of the website (and Constant Contact account) would grant the app access to their account during the initial setup of the form, after which the app would use step 5 of the Server Flow to exchange it's Refresh Token for a new pair of tokens whenever the Access Token expires, without the owner needing to log in again.

 

The Client Secret is used in step 4 of the V3 API OAuth2.0 Server Flow and is used to acquire the initial Access Token and Refresh Token.

 

V3 API OAuth2.0 Server Flow
https://developer.constantcontact.com/api_guide/server_flow.html

 

V3 API Token Overview
https://developer.constantcontact.com/api_guide/auth_overview.html#tokens


Regards,

Courtney E.
API Support Specialist

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Developer Portal

View API documentation, code samples, get your API key.

Visit Page