authorization error

DannyJ810 · ‎02-08-2021

Hello!, I need to make a simple integration with Constant Contact to work.

I have an app registered:

https://app.constantcontact.com/pages/dma/portal/#application/5d01772e-d2a3-40b1-9098-8177e453697e

I have a Mashery account:

[image removed for privacy]

and I generated an authorization token:

I have a simple PHP/CULR based function which collects the data and sends it to Constant contact, as described here>

https://v3.developer.constantcontact.com/api_guide/contacts_create_or_update.html

The code is pretty simple:

$body = array(

            "email_address" => $email_address,

            "first_name" => $first_name,

            "last_name" => $last_name,

            "list_memberships"=>$list

        );

        $header=array();

        $header[]="Content-Type: application/json";

            $header[]="Authorization: Bearer ".$token;

        $this->_log(json_encode($header),'Header: ');

        $this->_log(json_encode($body),'Request: ');

        $ch = curl_init("https://api.cc.email/v3/contacts/sign_up_form");

        curl_setopt($ch, CURLOPT_HTTPHEADER,$header);

        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        curl_setopt($ch, CURLOPT_POST, 1);

        curl_setopt($ch, CURLOPT_POSTFIELDS, $body);

        $server_output = curl_exec($ch);

        $this->_log($server_output,'Response: ');

        curl_close($ch);

And the output also looks ok:

2021-02-08 11:59:38
Header: : ["Content-Type: application\/json","Authorization: Bearer 7855b000-f840-4a1e-aac1-cfc545382905"]

2021-02-08 11:59:38
Request: : {"email_address":"webgobe@gmail.com","first_name":"Denes","last_name":" Szekely","list_memberships":["fc3464f2-9a6e-11ea-9a0f-d4ae52844390"]}

2021-02-08 11:59:38
Response: : {"error_key":"unauthorized","error_message":"Unauthorized"}

The Header and the body in the above log entry are JSON encoded for readability. My problem is that I am getting this Unauthorized error. I even tried to test my code on the link found on dev portal, and that worked. I am clueless now, and any help is greatly appreciated!

Courtney_E · ‎04-26-2021

Thank you for reaching out to Constant Contact API Developer Support and for your patience. My team is here to assist outside software developers with questions about building into Constant Contact's API.

It looks like you are using the V3 API documentation and endpoints with a V2 API key and access token, which is likely the reason you are receiving an error. The app that you have registered in the Dev Portal should have your V3 API key, and the API endpoint tester at v3.developer.constantcontact.com also accesses the V3 API key that was created. To resolve this, you’d want to use the V3 API OAuth2.0 Server Flow to authenticate the connection and generate an access token and refresh token. Those instructions below:

V3 OAuth2.0 Server Flow
https://v3.developer.constantcontact.com/api_guide/server_flow.html

For your privacy and security, we’ve removed the image of your V2 API Key and Client Secret that was included with your post, and have also revoked the token (the Client Secret was no longer secret). If you do need to use the V2 API, I’d recommend generating a new key. The V2 API keys generated through Mashery have a different authentication flow and endpoints than the V3 API.

V2 API Documentation
https://v2.developer.constantcontact.com/docs/developer-guides/overview-of-api-endpoints.html

Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.

Developer Portal

Three Reasons Why You Should Use Email Marketing Year Round