cancel
Showing results for 
Search instead for 
Did you mean: 

Multi-account non web based app

New Member

Multi-account non web based app

Hi All, I am starting to look at adding the ability for customer's of our proprietry software, to add lists/email accounts from an option inside our software suite.  This is not a web based app. .  

 

I have read that we need a redirect URL etc for multiple customers, however, snce this is not a web based app, I am not sure how to proceed.

 

So, if:

1. Each of our customers will have there own Constant Contact account

2. Access to adding list name/email account will be availbale from a non web based app running on a private server owned by the customer.   (I am looking to use command line PHP).

 

How would I go about with the authorization for each customer?

 

1 REPLY 1
Honored Contributor

Re: Multi-account non web based app

Hello,

 

In this case, you would use the OAuth client authentication flow. In order to do that, two things are required:

  1. The ability to create a web browser object within your application.
  2. The ability to read the current URL of the web browser whenever it updates.

If you can do these two things, you would implement the OAuth client flow, which follows these steps:

  1. A browser object is loaded with the authorization URL for your application
  2. The user is then redirected to a login page.
  3. Once they are logged in, they will then be redirected to a page to grant access to your application
  4. Once access is granted, the user will then be redirected to the Redirect URI specified in your API key. 

Once step 4 is reached, the URL for the redirect will include access token info in the URL that is redirected to. I your redirect URL was http://localhost (the default value), then this would be in the following format:

  • http://localhost#access_token=ACCESS_TOKEN&token_type=Bearer&expires_in=304915548

You can then get the Access Token by simply parsing the data that is included in the URL of the browser object that your application is controlling. This token can then be stored for future use. In order for this to work, it is often best to use a redirect URI that will load, ensuring that the browser allows you to read the URL that is loaded. For this, I would suggest setting the Redirect URI for your API key to match that of the website that best represents this proprietary tool. the redirect URI for API keys can be changed by logging in to your developer account with Mashery and editing the application that you registered.

 

For reference purposes, here is the format for getting your Authorization URL:

https://oauth2.constantcontact.com/oauth2/oauth/siteowner/authorize?response_type=token&client_id=API_KEY&redirect_uri=URL_ENCODED_REDIRECT_URI

 

If you have any questions about this process, please feel free to ask!

 

Sincerely,

Elijah G.
API Support Engineer