Hello Greg,
Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
To get started with the V3 API, you’ll want to start by going through the V3 APIOAuth2 Authorization Code Flow. Please note, after step 1, you should set up step 4 before proceeding, because the authorization code from steps 2 and 3 only has a lifespan of 5 minutes.
V3 API OAuth2 Authorization Code Flow
https://v3.developer.constantcontact.com/api_guide/server_flow.html
Once you have your first set of tokens, you’ll want to set the access token and the refresh token as values for corresponding variables in your application, so that when your program runs through step 8 of the OAuth2 Authorization Code Flow
to get the new set of tokens it can assign the updated values to those variables to maintain an authenticated connection.
You can either have the application refresh the tokens on a timer based on the life of the access token (access token lifetime is a static 24 hours), or you can check to see if the access token is still active before each submission, and then use the refresh token to generate a new set of tokens if not.
In order to parse the JWT access token for the expiration date/time and/or granted scopes, I'd suggest looking for a standalone JWT decoder tool or setting up a decoder within your program’s code so that it can programmatically verify the remaining lifetime of the access token before attempting to refresh.
[3rd party resource] JWT Decoder Tool Examples:https://jwt.io/#debugger-io https://developer.pingidentity.com/en/tools/jwt-decoder.html
[3rd party resource] Epoch & Unix Timestamp Conversion Tool Example:https://www.epochconverter.com/
If you want your application to parse the JWT programmatically in your program’s code (the example we currently offer in the documentation is only in Java at this time), you can find instructions online regarding how to do this in different languages.
The OpenID Foundation maintains a list of libraries implementing JWT and JOSE specs, which may be a good starting point. Their list can be found here: https://openid.net/developers/jwt/
Your V3 API key won’t automatically be linked to your client’s account, but once you generate an authorization request URL, your client can use it to login to their account and grant authorization to your form/application. At that point your form/application can make contact addition requests to your client’s account.
Below I’m also including documentation for our sign-up form endpoint which will automatically check to see if the email address being submitted already exists in your client’s account. If it does, the existing contact will be updated with any new information submitted through the form. If the email does not exist, a new contact will be created on the account.
Create or Update a Contact:
https://v3.developer.constantcontact.com/api_reference/index.html#!/Contacts/createOrUpdateContact
For a more simple alternative, Constant Contact also offers embedded pop-up and inline forms available to create in your account. Below I’m including articles with information on how to create and install them.
Create an Inline Contact Sign-Up Form to Embed on a Website:
https://knowledgebase.constantcontact.com/articles/KnowledgeBase/18265-Create-a-Sign-Up-Form-with-the-new-sign-up-form-experience
Install a Contact Sign-Up Form on a Website:
https://knowledgebase.constantcontact.com/articles/KnowledgeBase/18053-activating-and-installing-your-sign-up-form
Please have a look and let us know if you have any other questions!
Regards,
... View more
