I'm putting together a new service that will be generating leads. I'd like to give my customers the option of having these leads automatically feed into CC, rather than making them download a CSV from me and upload it to you.
I looked through the API samples, and I see how I can do this, but it seems to require that I get the user name and password from my customer.
Frankly, I don't *want* my customer to have to tell me this information.
All the APIs I've found so far seem to assume that the communication with CC will be happening server-side. I'd rather use an API that was designed to be run client-side (even though my server will be calling it), because an API like that isn't going to be relying on passwords in-the-clear in form fields.
For example, salesforce.com has web-to-lead, which lets you post a new lead into the database.
Do you have an API like that?
Unfortunately any type of lead generation service would not be able to integrate with Constant Contact. All contacts loaded into a constant contact have to have given explicit direct permission to the individual / company that is mailing to that contact. So any type of service that generates leads and puts them into constant contact would go against our Terms of Service.
Please contact our support lines at 1.866.289.2101 with any questions regarding our TOS.
OK, then. That strikes me as a pretty customer-hostile set of terms, but who am I to tell you how to run your business? :)
I'll just make sure that we export CSV files that are very easy to upload into CC, and then write some very clear instructions.
Do you have some user-facing documentation of best practices for CSV files that I can use a guide?
For clarification on your original question, you do not need to get the username/password of your customers. We offer an alternative authentication system called OAuth that allows your customers to provide your integration with permission (like Facebook and Twitter) and we provide you with a token instead of their username/password. You can find additional information on this flow here: http://community.constantcontact.com/t5/Documentation/Authenticating-Requests-with-OAuth/ba-p/25073
Regarding our compliance restrictions, there are some limitations on what we allow in our system. Any emails sent from our product are required to be permission based. That is a very broad term that can mean different things to different people. Basically, we require that whenever someone provides a customer with their email address, it is simply made clear that they are going to be receiving email marketing messages.
What we do not allow in our system is pruchased lists or third party lists. Often times, these are referred to as "lead lists" and I think this is where the confusion on your original question may be coming from. Provided that your customers are not using purchased, rented or borrowed lists and are letting these signups know that they are receiving marketing emails, they would have no problems using those email addresses in our system.
Sorry for any confusion from your original post, hope this helps clear things up for you.
Yes, that helps a lot. In my case, the person providing their email address will absolutely understand that they are providing it to get on a mailing list. So it sounds like we're right in line with your terms.
I'll dig into your OAuth docs. I'm familiar with that tech, and it does sound like what I'm looking for.