Community Home
Get Help
Events & Webinars
Ideas
Groups
Resources
MyRewards
 

Setting up authentication but need a variable redirect URI

SOLVED
Go to solution
MartinG105
Rookie
‎06-01-2016 08:16 AM
0 Votes
‎06-01-2016 08:16 AM

Hi there,

 

I am setting up a Wordpress plugin which will enable end users to sign up to one of their Constant Contact lists. I am following these instructions here about oauth:

 

http://developer.constantcontact.com/docs/authentication/oauth-2.0-client-flow.html

 

The problem I am having is that the redirect URI can only be a single URL, but I need it to go the customers Wordpress website. So this isn't going to work. I was hoping I could pass an additional query string paramter so I could then do a 2nd redirect from my website back to their Wordpress website, but I can't pass in any additional parameters. 

 

How do I go about solving this issue? Is the solution with like a SSO as detailed here: https://developer.constantcontact.com/docs/account-management/sso.html it says: Approved Constant Contact technology partners selling Toolkit can integrate with Constant Contact's Single Sign On how do I go about becoming a technology partner? If this is what I need to do?

 

Your help is much appreciated!

 

Thanks,

Labels:
1 ACCEPTED SOLUTION
Elijah_G
Marketing Legend
‎06-01-2016 10:22 AM
‎06-01-2016 10:22 AM

Hello,

 

The best solution to this issue involves having a very minimal hosted page under your control that can be used as the redirect, which would then pass the request back to wordpress. This can be done by taking advantage of OAuth 2.0 allowing query parameters to be freely appended to the redirect URI. So for example, you can set up your redirect URI as http://www.google.com and then send http://www.google.com?redirect=yahoo.com with the actual authorization request. This process would allow the page you control to read the "redirect" parameter and simply forward the request along, including any relevant OAuth parameters. It is also very important to mention that this specific process only works with the Server flow rather than the Client flow.

 

To give a bit of clarity on the two flows, the client flow is created for implementations such as a mobile app where you need to capture the token from a browser object and store it locally. The client flow accomplishes this by appending the token as a URL fragment, which cannot be passed along in the scenario I described above. The server flow is better suited to applications such as a wordpress plugin due to the dynamic URL. 

 

Hopefully this provides some clarity, but please let me know if there's any questions!

 

Sincerely

Elijah G.
API Support Engineer

View solution in original post

12 REPLIES 12
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up