cancel
Showing results for 
Search instead for 
Did you mean: 
Constant Contact wants to help you succeed! We’re celebrating our professional service programs on the Constant Contact Community this month and you have a chance to try one of the services for free! Learn more.

Oauth not hitting my redirect_uri

Occasional Contributor

Oauth not hitting my redirect_uri

Hello support-
I have hit a wall trying to integrate with your API. During the Oauth process (server side, using PHP+cURL), I hit this URL:
https://oauth2.constantcontact.com/oauth2/oauth/siteowner/authorize?response_type=code&client_id=MY-...

I get a response of "1"
My redirect_uri is never hit. I have a script ready and waiting that I can hit directly and see a response, but it is not hit when trying to authenticate.

Can you help me? I'm use curl (PHP) to "get" the response and these are the only parameters I'm sending:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

I'm familiar with various curl options and actually cut some out based on some examples I found at Stackoverflow.

 

Thanks in advance

Brian

9 REPLIES 9
CTCT Employee

Re: Oauth not hitting my redirect_uri

Hi,

 

It's hard to say why that redirect uri isn't being hit without seeing all of your code, but in the first step, you should be calling us to get an authorization, then the username and password will need to be provided.  Next, we should give you an authorization code, and you exchange that for an access token.  I'm not sure if you're doing both steps there.  

 

We have a simple example of how to use curl to authenticate here.  I hope that helps!

 

 

Best Regards,

Shannon W.

API Support Specialist

Occasional Contributor

Re: Oauth not hitting my redirect_uri

When you say "you should be calling us to get an authorization, then the username and password will need to be provided" , you mean "to get the 'code,' the API KEY will need to be provided", right? At no time am I providing the password; I provide the username, key and secret during the second step. Looking for clarification.

 

From the sample you linked; I am trying just this small snipet of code and it still does not hit my redirect_uri:

 header('location: '.$codeurl);
// This message board changed some of the code, but what I pasted is lines 74 and 76.
 
Perhaps my API KEY is not set up properly? May I send you an email?
Trusted Contributor

Re: Oauth not hitting my redirect_uri

Hello,

 

The first call is actually a redirect to the authorize url (your $codeurl).  This should be a redirect of the browser (as if a link to the url were clicked). the browser's next stop would be a login page where the user must enter the username and password, then if valid they will be asked to allow access - granting permission for your application to access their account resources. Our server then should redirect to your redirect uri, where you callback script makes a cURL request to exchange the authorization coede provided in that callback for the access token that serves as the authentication credential in your subsequent API requests.

 

I checked you API Key (I found two), and I assume you are using the one in your script that has a redirect URI in it's settings, as one doesn't have a redirect URI.

 

You can email us directly at webservices@constantcontact.com, and we'll be happy to offer whatever additional assistance we can.

Mark Coleman
Support Engineer
Occasional Contributor

Re: Oauth not hitting my redirect_uri

Never mind. I'm trying to do something not built for OAuth. I'm going to re-think how I want to implement this.

Highlighted
Trusted Contributor

Re: Oauth not hitting my redirect_uri

I don't know what type of intergration you are working on, but eventually we'll be moving entirely to OAuth 2.0.  For some integrations this requires you to go through the process once to get an access token, then store that access token, or hard-code it into your applications scripts, so each use doesn't require someone to re-authorize. If you let us know the nature of the integration (feel free to email if you want), we can probably provide a flow and perhaps some suggestions on good ways to implement an authentication strategy.

 

Cheers,

Mark Coleman
Support Engineer
Occasional Contributor

Re: Oauth not hitting my redirect_uri

Thanks. Still using OAuth2, just changing they way the clients connect. In fact I just got it working a few minutes ago.

 

While I have your attention, one piece of feedback from the documentation:

http://community.constantcontact.com/t5/Documentation/Adding-a-Contact-to-a-List/ba-p/25121

This is messy. I'd like an API call where I can just add a contact to a list; the way this looks, I'll have to go get all the current lists and then call the API to add the contact to the list.

Trusted Contributor

Re: Oauth not hitting my redirect_uri

Hello,

 

Thank you for your feedback. We appreciate feedback like this, as we're always seeking ways to make our API better and more accessible for developers.  Currently, contacts are unique  in our system at the account level (See this explanation of our contact data model, which may differ from some other services currently). If you're adding a contact to a list that has never previously been added to an account, this can be done with a single post requests, assumign you have the list ID's for the lists you wish to add them to.  Since this is actually "creating" a contact in the account, it's actually a create contact call.  

 

The call to add a contact to a list is effectively updating the list attribute of the contact. Because the normal PUT request to update the contact will replace current details with new ones provided in your PUT request, we suggest a GET for the contact details first, then adding the list among the existing ones in the contact XML/object, and submitted that updated XML/object with a PUT request - which I think is what you're referring to. If you're updating or syncing a large number of contacts, using a bulk activity to do the update (as in syncing or updating and entire list of contacts at once), the action appends the details for each contact, instead.

 

Thanks again for the feedback.

Mark Coleman
Support Engineer
Moderator

Re: Oauth not hitting my redirect_uri

Thank again for the feedback. As Mark mentioned, we are always looking for feedback. We are in the process now of building version 2 of our API platform.  One of the big items we're looking at is making it much easier to do updates to list membership of Contacts.  As you mentioned, it takes a minimum of 3 API calls currently to update a Contact's list membership.

 

When you're doing these updates, are you also passing Contact information to update as well or ar you just looking to modify the lis memberships?  Also, are you removing list memberships or just adding new ones?  Any details on how you, as a developer, would expect this to work for you would be great.

Dave Berard
Senior Product Manager, Constant Contact
Occasional Contributor

Re: Oauth not hitting my redirect_uri

Dave, feel free to email me directly -- happy to share what I'm doing off the message board.