cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

V3 API: Retrieve the Authorization Code

SOLVED
Go to solution
CarolynG105
Regular Participant
‎01-19-2020 11:37 PM
‎01-19-2020 11:37 PM

V3 API: Retrieve the Authorization Code

I'm trying to figure out how to retrieve the Authorization Code programmatically.

On the OAuth2.0 Server Flow -> Step 4 :  How do you login programmatically to get the Authorization code?

The URL takes you to a login page where you need to enter your user id and password.

 

https://api.cc.email/v3/idfed?client_id=#clientID&redirect_uri=https://localhost&response_type=code

 

https://v3.developer.constantcontact.com/api_guide/server_flow.html

Reply
1 ACCEPTED SOLUTION
Jimmy_D
Moderator
Moderator
In response to CarolynG105
‎01-21-2020 04:18 PM
‎01-21-2020 04:18 PM

Hello Everyone,

 

Just to answer a question that has not been answered by others in this thread.

 

The Refresh Token does not expire. It can be invalidated if you go through the full oAuth process again to create a new Access/Refresh Token. Once you generate the first pair of Access/Refresh Tokens as long as you only go through Step 5 which is the refresh flow then you will not have to worry about invalidating previously generated tokens.


Regards,
Jimmy D.
Tier II API Support Engineer

View solution in original post

0 Votes
Reply
5 REPLIES 5
raleighb3
Member
‎01-20-2020 12:50 PM
‎01-20-2020 12:50 PM

if i understand your question correctly, the answer is this:   the first time you go through this process, the User must login manually in order to allow access.   Once they grant access, you receive both an Access Token and a Refresh Token.   That Refresh Token can be used as needed to to get another Access Token.  When the Refresh Token is used to get Access Token, no manual User action is necessary because your code can perform this function.

Hope that helps.

0 Votes
Reply
CarolynG105
Regular Participant
In response to raleighb3
‎01-20-2020 03:59 PM
‎01-20-2020 03:59 PM

Thanks for the reply.  Does the refresh token ever expire?  

 

This is what I'm trying to accomplish.

When a new user signs up on our website,  we are going to add them to Constant Contact.  The user that signed up on our website, does not know anything about Constant Contact.  

 

Thanks again.

0 Votes
Reply
raleighb3
Member
In response to CarolynG105
‎01-20-2020 04:28 PM
‎01-20-2020 04:28 PM

i am uncertain as to if/when/how a Refresh Token expires, if ever.   but, you do receive a new Refresh Token each time you use a Refresh Token to obtain a new Access Token

.   

As stated in the CC docs:  "...Access tokens automatically expire two hours (7,200 seconds) after their last use. Access tokens have a maximum lifetime of 24 hours (86,400 seconds)...."

 

here is a helpful link to info on Tokens and even a good Refresh strategy:    https://v3.developer.constantcontact.com/api_guide/faqs_manage_applications.html

edit:   look under the "Make access tokens last longer?" topic on that link

Reply
Jimmy_D
Moderator
Moderator
In response to CarolynG105
‎01-21-2020 04:18 PM
‎01-21-2020 04:18 PM

Hello Everyone,

 

Just to answer a question that has not been answered by others in this thread.

 

The Refresh Token does not expire. It can be invalidated if you go through the full oAuth process again to create a new Access/Refresh Token. Once you generate the first pair of Access/Refresh Tokens as long as you only go through Step 5 which is the refresh flow then you will not have to worry about invalidating previously generated tokens.


Regards,
Jimmy D.
Tier II API Support Engineer

View solution in original post

0 Votes
Reply
Stacyw744
Occasional Participant
‎01-21-2021 05:57 PM
‎01-21-2021 05:57 PM

This question has been marked solved, but it's really not solved. 

 

If you have a website where users create accounts (a store or membership type site), it seems like you can't just add them to your Constant Contact list during the account create - it has to be done in a completely separate admin flow so the Constant Contact accountholder can authenticate and permit adding to the list.   

0 Votes
Reply
Developer Portal

View API documentation, code samples, get your API key.

Visit Page