Oauth Authentication using Javascript


Oauth Authentication using Javascript

Hello everybody,


I was trying to search the answer for this on the web but I wasn't able to understand how the oauth process can work if I use Javascript.


Basically I want to build a customized form to subscribe to my mailing list. To do so I have first to authenticate the access and then pump in the data that I want to add to my mailing list (email-name-mailing list...)


Can anybody give me some tips or some code examples on how to authenticate? I have my API key and the customer secret.


Thank you!


The first question I would have, are you trying to use Javascript in a Browser or as a mobile app?  The main reason I ask is that if you're trying to use these API features through Javascript in a browser, you will quickly find that this is not possible due to browser cross site scripting security restrictions.


In Javascript, you are only allowed to make webservice requests to the same server/domain that the webpage is served from.  Because of that, you would not be able to use our API features directly in javascript on your own web application. 


These restrictions are greatly reduced in most native mobile phone application development tools.  Something like Sensha Touch, which offers a javascript developing environment for multiple mobile platforms, would allow you to do this.  You would need to find an OAuth Javascript Authentication library and implement that into your mobile application.  The only one I'm familiar with, and I have not had the opportunity to use it, is the one mentioned on the official OAuth website: http://oauth.googlecode.com/svn/code/javascript/


Dave Berard
Senior Product Manager, Constant Contact

Thank you dave for your reply.


My app should work for in the mobile environment and I was using that library mentioned on the officail oAuth site you showed me, but I can't make it work. My aim is to build a form to for mailing list subscription, and make its visualization fitting to the mobile environment. Using your implementation it looks it's not mobile firendly, and because of this I should build my own. Is there another way to show contents from the mailing-list subscription form on mobile properly or the only way is the one I'm following, to build a custom form?


Thanks again.

Are you building a mobile app (I.E. something that would be installed from the iPhone App Store) or simply a mobile website?  The mobile website security restrictions remaint he same as it simply uses the mobile browser.  You would run into Cross Site Scripting errors when trying to leverage the webservice from our server.  If you're looking to build a mobile website signup form, my best recommendation would be to do it in a server side language such as PHP or C# and then just wrap it around AJAX calls to emulate a traditional javascript only interface.  This will allow you to remain secure and still provide the same experience.

Dave Berard
Senior Product Manager, Constant Contact
Developer Portal

View API documentation, code samples, get your API key.

Visit Page