• Constant Contact Logo

About SteveJ286

SteveJ286
Frequent Participant
since ‎10-14-2020
‎06-17-2021
Badges

Re: Authentication for non-user-interactive integr...

by in API Developer Support
‎03-01-2021 10:40 AM
‎03-01-2021 10:40 AM
Thanks for the reply.  I think for me, the current capabilities will suffice...that is, the client of my application does have to interact to give my app permission to access their account information(via the api).  After that setup, I can, via the refreshToken, use the API to interact with CC with no interaction from my client. ... View more

oAuth2 security needs state param

by in API Developer Support
‎02-25-2021 01:49 PM
‎02-25-2021 01:49 PM
I believe the oAuth2 implementation you currently have suffers from a potential security flaw.  Luckily, allowing the redirect_uri to have a state parameter that is returned with the access code solves the problem and is an easy fix.   See this article for a better explination - https://medium.com/securing/what-is-going-on-with-oauth-2-0-and-why-you-should-not-use-it-for-authentication-5f47597b2611 ... View more

Re: Authentication for non-user-interactive integr...

by in API Developer Support
‎02-25-2021 01:26 PM
‎02-25-2021 01:26 PM
Help me understand why their oAuth 2 "Server Flow" doesn't meet your requirements.  I'm starting on implementing it now and don't want to get half way there to discovered I've missed something.  Granted, I just need the contact list manipulation APIs. ... View more

Re: Support for OAuth Authentication Retracted. P...

by in API Developer Support
‎02-25-2021 01:20 PM
1 Kudo
‎02-25-2021 01:20 PM
1 Kudo
This post is out of date and should be removed. ... View more
Latest Tags
No tags yet
Kudos from
View All