cancel
Showing results for 
Search instead for 
Did you mean: 

oAuth2.0 Server Flow in V3 API

SOLVED
Occasional Participant

oAuth2.0 Server Flow in V3 API

We use Constant Contact to manage email campaigns and want to take advantage of your RESTful API to do some integration with our custom CRM.    

 

In looking through your API docs I have determined that the OAuth2.0 Server Flow is the right one for our purposes since it doesn’t require interaction by users.   I followed the steps outlined on the website(https://v3.developer.constantcontact.com/api_guide/server_flow.html).   I am stuck on Step 4: Exchange the Authorization Code for an Access Token and a Refresh Token.     I have built the POST request using JSON format in the body of the post.  Following are the specifics:

 

 

URL: https://idfed.constantcontact.com/as/token.oauth2

 

Headers:

 

"content-type: application/json"

"accept: application/json"

"authorization: Basic {authcode}"  , where {authcode} is the Base64 encoded version of our API Key and Secret gleaned from our My Applications page

 

Body:

{

"code" : "{code}",

"redirect_uri" : "https://www.oursite.com",

"grant_type" : "authorization_code",

}

 

where {code} is the code returned in the URL in Step 3

 

When I send the POST request I get the following error:

 

{"error_description":"grant_type is required","error":"invalid_request"}

 

As you can see in the Body above, “grant_type” is clearly being sent.   

 

Thoughts?

3 REPLIES 3
Moderator

Re: oAuth2.0 Server Flow in V3 API

Hello @MattK9938 ,

 

Thank you for reaching out to Constant Contact's API Support.

 

Your code does look correct to me. I just went through POSTman and gave it a shot as well to make sure everything is working. I was able to get a valid response back. Here is my POST displayed as PHP cURL. Can you provide the full code snippet and not just that one body section? Maybe there is something in another section causing an issue.

 

<?php

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://idfed.constantcontact.com/as/token.oauth2?code=PKxX_IGvP06o24xOh3-UuEqWcncwyWhTl9ViaAEt&redirect_uri=https%3A%2F%2Flocalhost%2F%2A&grant_type=authorization_code",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "",
  CURLOPT_HTTPHEADER => array(
    "Authorization: Basic (base64-APIKey:ClientSecret)",
    "Postman-Token: 6a82b9b6-7657-409a-b481-4e0e65a5f722",
    "cache-control: no-cache"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

Regards,
Jimmy D.
Tier II API Support Engineer
Occasional Participant

Re: oAuth2.0 Server Flow in V3 API

Hi Jimmy -

 

Here is the code using PostMan and JSON:

 

POST /as/token.oauth2 HTTP/1.1
Host: idfed.constantcontact.com
Content-Type: application/json
Accept: application/json
Authorization: Basic (base-64-APIkey:ClientSecret)
cache-control: no-cache
Postman-Token: b28d7fc5-f3ae-46f0-9c58-cb845c4baabd
{

"code" : "6msYLOZU3CtpMg-2IEzkjTsReeXvZIjpn6ZUQQEt",

"redirect_uri" : "https://www.oursite.com",

"grant_type" : "authorization_code"

}------WebKitFormBoundary7MA4YWxkTrZu0gW--

 

 

This returns the exact same error.

Occasional Participant

Re: oAuth2.0 Server Flow in V3 API

I got it to work.  I ended up not using JSON in the POST Request and it worked fine.

 

Thank you Jimmy.  The code you posted got me thinking that I shouldn't use JSON.