We have to migrate to v3 because some functionalities are retired on v2 and that made our current transaction email process fail. Our process doesn't involve end users, we are sending emails directly to them thru cc based on rules.
On v2 we were use to connect with api key has a get parameter and use Authorization Bearer to call APIs to create contact, list, campaigns, etc...
I cannot access v3 API with the new authentication mechanism. I don't have the use of the redirect url to ask user permission as the process is server to server.
Do we have a way/document that explain how to directly interact with v3 APIs using client_id and secret?
I have contacted support by phone and by email but for the moment I am still blocked.
Thanks for your help
Thank you for reaching out to Constant Contact API Developer Support and for your patience. My team is here to assist outside software developers with questions about building into Constant Contact's API.
The V3 API uses both an Access Token and a Refresh Token, rather than a long lasting token like the V2 API uses. Using access tokens with a limited lifespan decreases the risk and impact of compromised credentials. V3 still makes use of Authorization Bearer for the Access Token, but you will also need to use the Refresh Token to obtain a new Access Token when the existing one expires.
When going through the OAuth2.0 Server Flow for the V3 API, you should only need to use the Authorization Request URL once, and then after that you can exchange the Authorization Code for an Access Token and a Refresh Token which can be used to authenticate from that point forward.
OAuth2.0 Server Flow for the V3 API
More about V3 Tokens