Describes how Constant Contact controls access to API resources.

Constant Contact allows multiple users to work together using a single account. To accommodate multiple users, Constant Contact uses user roles and privileges. User roles are types of users in Constant Contact that have collections of privileges associated with them. Privileges permit users to access different endpoints and methods in the V3 API. Constant Contact currently has three user roles:

  • Account Owner: The user that currently has ownership of an account. In the V3 API, account owners have privileges that allow them to access all currently available endpoints and methods. This includes access to campaigns, contacts, contact lists, and reporting data.

  • Account Manager: A user that the account owner appoints to manage the account. In the V3 API, account managers have privileges that allow them to access all currently available endpoints and methods. This includes access to campaigns, contacts, contact lists, and reporting data.

  • Campaign Creator: A user that the account owner appoints to create and edit campaigns. In the V3 API, campaign creators only have privileges that allow them to create campaigns, edit campaigns, view campaigns, and view contact lists. Campaign creators lack the privileges necessary to access contacts, access reports, or modify contact lists.

Account Owner and Account Manager Differences

Account owners can use the Constant Contact UI to add users, modify user roles, and change billing information. Account managers cannot add users, modify user roles, or change billing information.

Because user roles have different levels of access to data in Constant Contact, you should take the user roles into account when you build your application. Use the GET /account/user/privileges endpoint to return the user privileges associated with your access token.

User Roles and Privileges Reference Table

| User Role | Role Description | Role Privileges |
|---|---|---|
| Account Owner | Account owners can access all resources and operations that are currently available in the V3 API. | contacts:read, contacts:write, contacts:lists:read, contacts:lists:write, ui:campaign:metrics, campaign:read, campaign:create, campaign:write, campaign:send, account:read, account:update |
| Account Manager | Account managers can access all resources and operations that are currently available in the V3 API. | contacts:read, contacts:write, contacts:lists:read, contacts:lists:write, ui:campaign:metrics, campaign:read, campaign:create, campaign:write, campaign:send, account:read |
| Campaign Creator | Campaign creators are limited to creating campaigns, updating campaigns, viewing campaigns, and viewing contact lists. Campaign creators cannot send campaigns, access contacts, view reports, or modify contact lists. | campaign:read, campaign:create, campaign:write, contacts:lists:read |

V3 API Endpoint Privileges

Account Services

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get details about a Constant Contact user account. | GET /account/summary | account:read |
| Update details about a Constant Contact user account. | PUT /account/summary | account:update |
| Get the organization's physical address that is associated with a Constant Contact user account. | GET /account/summary/physical_address | account:read |
| Update the organization's physical address that is associated with a Constant Contact user account. | PUT /account/summary/physical_address | account:update |
| Get user privileges. | GET /account/user/privileges | None |
| Get a collection of account emails. | GET /account/emails | account:read |

Contacts Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get a collection of contacts. | GET /contacts | contacts:read |
| Create a contact. | POST /contacts | contacts:write |
| Get a collection of V2 and V3 contact ids. | GET /contacts/contact_id_xrefs | contacts:read |
| Get a single contact. | GET /contacts/{contact_id} | contacts:read |
| Update a contact. | PUT /contacts/{contact_id} | contacts:write |
| Delete a contact. | DELETE /contacts/{contact_id} | contacts:write |

Contact Lists Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get a collection of contact lists. | GET /contact_lists | contacts:lists:read |
| Create a contact list. | POST /contact_lists | contacts:lists:write |
| Get a collection of V2 and V3 list ids. | GET /contact_lists/list_id_xrefs | contacts:lists:read |
| Get a single contact list. | GET /contact_lists/{list_id} | contacts:lists:read |
| Update a contact list. | PUT /contact_lists/{list_id} | contacts:lists:write |
| Delete a contact list. | DELETE /contact_lists/{list_id} | contacts:lists:write |

Contact Custom Fields Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get a collection of contact custom fields. | GET /contact_custom_fields | contacts:read |
| Create a contact custom field. | POST /contact_custom_fields | contacts:write |
| Get a single contact custom field. | GET /contact_custom_fields/{custom_field_id} | contacts:read |
| Update a contact custom field. | PUT /contact_custom_fields/{custom_field_id} | contacts:write |
| Delete a contact custom field. | DELETE /contact_custom_fields/{custom_field_id} | contacts:write |

Bulk Activity Operation Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get a collection of bulk activities. | GET /activities | contacts:write |
| Get the status of a single bulk activity. | GET /activities/{activity_id} | contacts:write |
| Add contacts to contact lists bulk activity. | POST /activities/add_list_memberships | contacts:write |
| Remove contacts from contact lists bulk activity. | POST /activities/remove_list_memberships | contacts:write |
| Import contacts from a CSV file. | POST /activities/contacts_file_import | contacts:write |
| Import contacts from a JSON payload. | POST /activities/contacts_json_import | contacts:write |
| Delete contacts bulk activity. | POST /activities/contact_delete | contacts:write |
| Export contacts to a CSV file. | POST /activities/contact_exports | contacts:write |

Reports Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get the tracking activity data for a contact. | GET /reports/contact_reports/{contact_id}/activity_details | ui:campaign:metrics |
| Get the contact action summary for a contact. | GET /reports/contact_reports/{contact_id}/activity_summary | ui:campaign:metrics |
| Get the average open and click rate for a contact. | GET /reports/contact_reports/{contact_id}/open_and_click_rates | ui:campaign:metrics |
| Get a links report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/links | ui:campaign:metrics |
| Get an opens report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/opens | ui:campaign:metrics |
| Get a sends report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/sends | ui:campaign:metrics |
| Get a clicks report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/clicks | ui:campaign:metrics |

Emails Privileges

| Description | Endpoint Method and Route | Required Privileges |
|---|---|---|
| Get a collection of email campaigns. | GET /emails | campaign:read |
| Create a new email campaign in your email campaign collection. | POST /emails | campaign:write |
| Rename an existing email campaign. | PATCH /emails | campaign:write |
| Get a collection of V2 and V3 campaign ids. | GET /emails/campaign_id_xrefs | campaign:read |
| Get a single email campaign and a list of associated campaign activities. | GET /emails/{campaign_id} | campaign:read |
| Get a single email campaign activity. | GET /emails/activities/{campaign_activity_id} | campaign:read |
| Update a single email campaign activity. | PUT /emails/activities/{campaign_activity_id} | campaign:write |
| Get the send history for a single email campaign activity. | GET /emails/activities/{campaign_activity_id}/send_history | campaign:read |
| Schedule an email campaign activity. | POST /emails/activities/{campaign_activity_id}/schedules | campaign:send |
| Get the schedule of an email campaign activity. | GET /emails/activities/{campaign_activity_id}/schedules | campaign:read |
| Unschedule an email campaign activity. | DELETE /emails/activities/{campaign_activity_id}/schedules | campaign:send |
| Delete an email campaign and all associated email campaign activities. | DELETE /emails/{campaign_id} | campaign:write |
| Get an HTML preview of an email campaign activity. | GET /emails/activities/{campaign_activity_id}/previews | campaign:read |
| Test send an email campaign activity. | GET /emails/activities/{campaign_activity_id}/tests | campaign:send |

Error Behavior for User Privileges

The V3 API returns a 403 Forbidden error when you attempt to access an endpoint on behalf of a user that lacks the necessary privileges for the endpoint. Use the GET /account/user/privileges endpoint and the V3 API Endpoint Privileges table to determine which privileges you are missing.
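The following is an added example, not code from Constant Contact: a client-side preflight check that maps concrete request paths onto the route templates in the tables above and reports which planned calls the current user's privileges do not cover, before any of them returns 403. It assumes the caller has already extracted the privilege names from the GET /account/user/privileges response into a set of strings; the names ENDPOINT_PRIVILEGES, required_privilege and preflight are hypothetical, and only a subset of the table rows is included.

```python
import re

# Subset of this page's endpoint tables: (method, route template) -> required privilege.
ENDPOINT_PRIVILEGES = {
    ("GET", "/account/user/privileges"): None,  # the table lists "None"
    ("PUT", "/account/summary"): "account:update",
    ("GET", "/contacts"): "contacts:read",
    ("GET", "/contacts/contact_id_xrefs"): "contacts:read",
    ("GET", "/contacts/{contact_id}"): "contacts:read",
    ("DELETE", "/contacts/{contact_id}"): "contacts:write",
    ("GET", "/contact_lists"): "contacts:lists:read",
    ("POST", "/contact_lists"): "contacts:lists:write",
    ("POST", "/activities/contact_exports"): "contacts:write",
    ("GET", "/emails"): "campaign:read",
    ("PUT", "/emails/activities/{campaign_activity_id}"): "campaign:write",
    ("POST", "/emails/activities/{campaign_activity_id}/schedules"): "campaign:send",
    ("GET", "/reports/email_reports/{email_campaign_activity_id}/links"): "ui:campaign:metrics",
}
# Campaign Creator privileges, from the reference table on this page.
CAMPAIGN_CREATOR = {"campaign:read", "campaign:create", "campaign:write", "contacts:lists:read"}

def _compile(template):
    # Each {placeholder} matches exactly one path segment.
    literals = re.split(r"\{[^}]+\}", template)
    return re.compile("[^/]+".join(re.escape(s) for s in literals) + r"/?\Z")

_ROUTES = [(m, t, _compile(t), p) for (m, t), p in ENDPOINT_PRIVILEGES.items()]

def required_privilege(method, path):
    """Map a concrete request to (route template, privilege or None)."""
    path = path.split("?", 1)[0]  # the query string does not affect the route
    hits = [(t, p) for m, t, rx, p in _ROUTES if m == method.upper() and rx.match(path)]
    if not hits:
        raise LookupError(f"{method} {path} is not in the privilege table")
    return min(hits, key=lambda hit: hit[0].count("{"))  # prefer literal routes

def preflight(granted, planned_calls):
    """Return (method, path, reason) for each planned call to hold back."""
    blocked = []
    for method, path in planned_calls:
        try:
            _, needed = required_privilege(method, path)
        except LookupError:
            blocked.append((method, path, "unmapped route"))  # fail closed
            continue
        if needed is not None and needed not in granted:
            blocked.append((method, path, needed))
    return blocked
```

Routes missing from the table are reported rather than assumed allowed, so a new endpoint cannot slip past the check unreviewed.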

OAuth Scopes

In addition to the restrictions imposed by roles and their associated privileges, you can also use OAuth2 scopes to further restrict your application's access to Constant Contact resources. For more information, see the Authorization Scopes Overview.