Hi there,
I am setting up a Wordpress plugin which will enable end users to sign up to one of their Constant Contact lists. I am following these instructions here about oauth:
http://developer.constantcontact.com/docs/authentication/oauth-2.0-client-flow.html
The problem I am having is that the redirect URI can only be a single URL, but I need it to go the customers Wordpress website. So this isn't going to work. I was hoping I could pass an additional query string paramter so I could then do a 2nd redirect from my website back to their Wordpress website, but I can't pass in any additional parameters.
How do I go about solving this issue? Is the solution with like a SSO as detailed here: https://developer.constantcontact.com/docs/account-management/sso.html it says: Approved Constant Contact technology partners selling Toolkit can integrate with Constant Contact's Single Sign On how do I go about becoming a technology partner? If this is what I need to do?
Your help is much appreciated!
Thanks,
Solved! Go to Solution.
Hello,
The best solution to this issue involves having a very minimal hosted page under your control that can be used as the redirect, which would then pass the request back to wordpress. This can be done by taking advantage of OAuth 2.0 allowing query parameters to be freely appended to the redirect URI. So for example, you can set up your redirect URI as http://www.google.com and then send http://www.google.com?redirect=yahoo.com with the actual authorization request. This process would allow the page you control to read the "redirect" parameter and simply forward the request along, including any relevant OAuth parameters. It is also very important to mention that this specific process only works with the Server flow rather than the Client flow.
To give a bit of clarity on the two flows, the client flow is created for implementations such as a mobile app where you need to capture the token from a browser object and store it locally. The client flow accomplishes this by appending the token as a URL fragment, which cannot be passed along in the scenario I described above. The server flow is better suited to applications such as a wordpress plugin due to the dynamic URL.
Hopefully this provides some clarity, but please let me know if there's any questions!
Sincerely
Announcements
Join our list to be notified of new features and updates to our V3 API.
Sign Up