Describes how Constant Contact controls access to API resources.

Constant Contact allows multiple users to work together using a single account. To accommodate multiple users, Constant Contact uses user roles and privileges. User roles are types of users in Constant Contact that have collections of privileges associated with them. Privileges permit users to access different endpoints and methods in the V3 API. Constant Contact currently has three user roles:

  • Account Owner: The user that currently has ownership of an account. In the V3 API, account owners have privileges that allow them to access all currently available endpoints and methods. This includes access to campaigns, contacts, contact lists, and reporting data.

  • Account Manager: A user that the account owner appoints to manage the account. In the V3 API, account managers have privileges that allow them to access all currently available endpoints and methods. This includes access to campaigns, contacts, contact lists, and reporting data.

  • Campaign Creator: A user that the account owner appoints to create and edit campaigns. In the V3 API, campaign creators only have privileges that allow them to create campaigns, edit campaigns, view campaigns, and view contact lists. Campaign creators lack the privileges necessary to access contacts, access reports, or modify contact lists.

Account Owner and Account Manager Differences

Account owners can use the Constant Contact UI to add users, modify user roles, and change billing information. Account managers cannot add users, modify user roles, or change billing information.

Because the user roles have different levels of access to data in Constant Contact, you should take the user roles into account when you build your application. Use the GET /account/user/privileges endpoint to return the user privileges associated with your access token.

User Roles and Privileges Reference Table

| User Role | Role Description | Role Privileges |
| --- | --- | --- |
| Account Owner | Account owners can access all resources and operations that are currently available in the V3 API. | contacts:read, contacts:write, contacts:lists:read, contacts:lists:write, ui:campaign:metrics, campaign:read, campaign:create, campaign:write, campaign:send, account:read, account:update |
| Account Manager | Account managers can access all resources and operations that are currently available in the V3 API. | contacts:read, contacts:write, contacts:lists:read, contacts:lists:write, ui:campaign:metrics, campaign:read, campaign:create, campaign:write, campaign:send, account:read |
| Campaign Creator | Campaign creators are limited to creating campaigns, updating campaigns, viewing campaigns, and viewing contact lists. Campaign creators cannot send campaigns, access contacts, view reports, or modify contact lists. | campaign:read, campaign:create, campaign:write, contacts:lists:read |

V3 API Endpoint Privileges

Account Services

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get details about a Constant Contact user account. | GET /account/summary | account:read |
| Update details about a Constant Contact user account. | PUT /account/summary | account:update |
| Get the organization's physical address that is associated with a Constant Contact user account. | GET /account/summary/physical_address | account:read |
| Update the organization's physical address that is associated with a Constant Contact user account. | PUT /account/summary/physical_address | account:update |
| Get user privileges. | GET /account/user/privileges | None |
| Add a new email address to an account. | POST /account/emails | account:update |
| Get a collection of account emails. | GET /account/emails | account:read |

Contacts Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get a collection of contacts. | GET /contacts | contacts:read |
| Create a contact. | POST /contacts | contacts:write |
| Create or update a contact using a single method. | POST /contacts/sign_up_form | contacts:write |
| Get a collection of V2 and V3 contact ids. | GET /contacts/contact_id_xrefs | contacts:read |
| Get a single contact. | GET /contacts/{contact_id} | contacts:read |
| Update a contact. | PUT /contacts/{contact_id} | contacts:write |
| Delete a contact. | DELETE /contacts/{contact_id} | contacts:write |
| Get contact consent counts by consent state. | GET /contacts/counts | contacts:read |
| Get contact SMS engagement details. | GET /contacts/sms_engagement_history/{contact_id} | contacts:read |

Contact Lists Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get a collection of contact lists. | GET /contact_lists | contacts:lists:read |
| Create a contact list. | POST /contact_lists | contacts:lists:write |
| Get a collection of V2 and V3 list ids. | GET /contact_lists/list_id_xrefs | contacts:lists:read |
| Get a single contact list. | GET /contact_lists/{list_id} | contacts:lists:read |
| Update a contact list. | PUT /contact_lists/{list_id} | contacts:lists:write |
| Delete a contact list. | DELETE /contact_lists/{list_id} | contacts:lists:write |

Contact Custom Fields Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get a collection of contact custom fields. | GET /contact_custom_fields | contacts:read |
| Create a contact custom field. | POST /contact_custom_fields | contacts:write |
| Get a single contact custom field. | GET /contact_custom_fields/{custom_field_id} | contacts:read |
| Update a contact custom field. | PUT /contact_custom_fields/{custom_field_id} | contacts:write |
| Delete a contact custom field. | DELETE /contact_custom_fields/{custom_field_id} | contacts:write |

Contact Tags Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get details about a specific tag. | GET /contact_tags/{tag_id} | contacts:read |
| Get details about all tags. | GET /contact_tags | contacts:read |
| Create a tag. | POST /contact_tags | contacts:write |
| Rename a tag. | PUT /contact_tags/{tag_id} | contacts:write |
| Delete a tag. | DELETE /contact_tags/{tag_id} | contacts:write |

Bulk Activity Operation Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get a collection of bulk activities. | GET /activities | contacts:write |
| Get the status of a single bulk activity. | GET /activities/{activity_id} | contacts:write |
| Add contacts to contact lists bulk activity. | POST /activities/add_list_memberships | contacts:write |
| Remove contacts from contact lists bulk activity. | POST /activities/remove_list_memberships | contacts:write |
| Remove custom fields from an account bulk activity. | POST /activities/custom_fields_delete | contacts:write |
| Import contacts from a CSV file. | POST /activities/contacts_file_import | contacts:write |
| Import contacts from a JSON payload. | POST /activities/contacts_json_import | contacts:write |
| Delete contacts bulk activity. | POST /activities/contact_delete | contacts:write |
| Export contacts to a CSV file. | POST /activities/contact_exports | contacts:write |
| Delete lists. | POST /activities/list_delete | contacts:write |
| Add tags. | POST /activities/contacts_taggings_add | contacts:write |
| Remove tags from contacts. | POST /activities/contacts_taggings_remove | contacts:write |
| Delete tags. | POST /activities/contacts_tags_delete | contacts:write |

Reports Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get the tracking activity data for a contact. | GET /reports/contact_reports/{contact_id}/activity_details | ui:campaign:metrics |
| Get the contact action summary for a contact. | GET /reports/contact_reports/{contact_id}/activity_summary | ui:campaign:metrics |
| Get an Email Campaigns Statistics Report. | GET /reports/stats/email_campaigns/{campaign_ids} | ui:campaign:metrics |
| Get an Email Campaign Activity Statistics Report. | GET /reports/stats/email_campaign_activity/{campaign_activity_ids} | ui:campaign:metrics |
| Get an Email Campaigns Summary Report. | GET /reports/summary_reports/email_campaign_summaries | ui:campaign:metrics |
| Get the average open and click rate for a contact. | GET /reports/contact_reports/{contact_id}/open_and_click_rates | ui:campaign:metrics |
| Get a links report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/links | ui:campaign:metrics |
| Get an opens report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/opens | ui:campaign:metrics |
| Get a unique opens report listing the last time each unique contact opened the email campaign activity. | GET /reports/email_reports/{campaign_activity_id}/tracking/unique_opens | ui:campaign:metrics |
| Get a sends report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/sends | ui:campaign:metrics |
| Get a clicks report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/clicks | ui:campaign:metrics |
| Get a did not opens report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/didnotopens | ui:campaign:metrics |
| Get a forwards report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/forwards | ui:campaign:metrics |
| Get an opt-outs (unsubscribe) report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/optouts | ui:campaign:metrics |
| Get a bounces report for an email campaign activity. | GET /reports/email_reports/{email_campaign_activity_id}/tracking/bounces | ui:campaign:metrics |

Emails Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get a collection of email campaigns. | GET /emails | campaign:read |
| Create a new email campaign in your email campaign collection. | POST /emails | campaign:write |
| Rename an existing email campaign. | PATCH /emails | campaign:write |
| Get a collection of V2 and V3 campaign ids. | GET /emails/campaign_id_xrefs | campaign:read |
| Get a single email campaign and a list of associated campaign activities. | GET /emails/{campaign_id} | campaign:read |
| Get a single email campaign activity. | GET /emails/activities/{campaign_activity_id} | campaign:read |
| Update a single email campaign activity. | PUT /emails/activities/{campaign_activity_id} | campaign:write |
| Get the send history for a single email campaign activity. | GET /emails/activities/{campaign_activity_id}/send_history | campaign:read |
| Schedule an email campaign activity. | POST /emails/activities/{campaign_activity_id}/schedules | campaign:send |
| Get the schedule of an email campaign activity. | GET /emails/activities/{campaign_activity_id}/schedules | campaign:read |
| Unschedule an email campaign activity. | DELETE /emails/activities/{campaign_activity_id}/schedules | campaign:send |
| Delete an email campaign and all associated email campaign activities. | DELETE /emails/{campaign_id} | campaign:write |
| Get an HTML preview of an email campaign activity. | GET /emails/activities/{campaign_activity_id}/previews | campaign:read |
| Test send an email campaign activity. | GET /emails/activities/{campaign_activity_id}/tests | campaign:send |
| Resend (schedule) a primary email campaign activity to non-openers. | POST /emails/activities/{campaign_activity_id}/non_opener_resends | campaign:send |
| Get details for a single resend to non-openers email campaign activity. | GET /emails/activities/{campaign_activity_id}/non_opener_resends | campaign:read |
| Delete (unschedule) a resend to non-openers email campaign activity. | DELETE /emails/activities/{campaign_activity_id}/non_opener_resends/{resend_request_id} | campaign:send |
| Get A/B test details for a primary email campaign activity. | GET /emails/activities/{campaign_activity_id}/abtest | campaign:read |
| Delete an A/B test for a primary email campaign activity. | DELETE /emails/activities/{campaign_activity_id}/abtest | campaign:write |
| Create an A/B test for a primary email campaign activity. | POST /emails/activities/{campaign_activity_id}/abtest | campaign:write |

Segment Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Create a segment. | POST /segments | contacts:lists:write |
| Get a list of segments for an account. | GET /segments | contacts:lists:read |
| Get details about a segment. | GET /segments/{segment_id} | contacts:lists:read |
| Delete a segment. | DELETE /segments/{segment_id} | contacts:lists:write |
| Update a segment's name and/or contact selection criteria. | UPDATE /segments/{segment_id} | contacts:lists:write |
| Rename a segment. | PATCH /segments/{segment_id}/name | contacts:lists:write |

Landing Page Reporting Privileges

| Description | Endpoint Method and Route | Required Privileges |
| --- | --- | --- |
| Get details for contacts that uniquely click a link on a specific landing page. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_unique_contact_clicks | ui:campaign:metrics |
| Get details for contacts that uniquely click a link on a specific landing page to opt in to receiving SMS messages. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_unique_contact_sms_optins | ui:campaign:metrics |
| Get details for contacts that uniquely open a specific landing page. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_unique_contact_opens | ui:campaign:metrics |
| Get details for each time contacts open a specific landing page. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_contact_opens | ui:campaign:metrics |
| Get contact details for each contact added to the account from a specific landing page. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_unique_contact_adds | ui:campaign:metrics |
| Get contact details for each contact in an account that was updated from a specific landing page. | GET /reports/landing_pages/campaign_details/{campaign_activity_id}/p_unique_contact_updates | ui:campaign:metrics |

Error Behavior for User Privileges

The V3 API returns a 403 Forbidden error when you attempt to access an endpoint on behalf of a user that lacks the necessary privileges for the endpoint. Use the GET /account/user/privileges endpoint and the V3 API Endpoint Privileges table to determine which privileges you are missing.
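The pre-flight check this section describes, as an added example (not Constant Contact's code): it encodes a subset of this page's endpoint-privilege rows and reports which planned calls would return 403 for a given privilege set. The function names, the fail-closed `UnknownEndpoint` error, and passing privileges as a set of names are assumptions; fill the set from the GET /account/user/privileges response for your access token.

```python
import re

# Subset of this page's V3 API Endpoint Privileges tables: (method, route, privilege).
# None means the endpoint requires no privilege.
ENDPOINT_PRIVILEGES = [
    ("GET", "/account/user/privileges", None),
    ("GET", "/contacts", "contacts:read"),
    ("POST", "/contacts", "contacts:write"),
    ("GET", "/contacts/counts", "contacts:read"),
    ("GET", "/contacts/{contact_id}", "contacts:read"),
    ("DELETE", "/contacts/{contact_id}", "contacts:write"),
    ("GET", "/contact_lists", "contacts:lists:read"),
    ("POST", "/contact_lists", "contacts:lists:write"),
    ("GET", "/emails", "campaign:read"),
    ("POST", "/emails", "campaign:write"),
    ("POST", "/emails/activities/{campaign_activity_id}/schedules", "campaign:send"),
    ("GET", "/reports/summary_reports/email_campaign_summaries", "ui:campaign:metrics"),
]

# Campaign Creator privileges, copied from the reference table on this page.
CAMPAIGN_CREATOR = {"campaign:read", "campaign:create", "campaign:write", "contacts:lists:read"}

class UnknownEndpoint(LookupError):
    """Hypothetical error: unmapped calls fail closed instead of being assumed allowed."""

def _template_regex(template):
    # Turn "/contacts/{contact_id}" into a regex where each {name} matches one path segment.
    parts = re.split(r"(\{[^/{}]+\})", template)
    return re.compile("".join("[^/]+" if p.startswith("{") else re.escape(p) for p in parts))

def required_privilege(method, path):
    """Return the privilege a call needs, preferring literal routes over templated ones."""
    path = path.split("?", 1)[0].rstrip("/")
    matches = [(tmpl.count("{"), priv) for m, tmpl, priv in ENDPOINT_PRIVILEGES
               if m == method.upper() and _template_regex(tmpl).fullmatch(path)]
    if not matches:
        raise UnknownEndpoint(f"{method} {path} is not in the privilege map")
    return min(matches, key=lambda t: t[0])[1]

def missing_privileges(granted, planned_calls):
    """Map each planned (method, path) call that would return 403 to the privilege it lacks."""
    missing = {}
    for method, path in planned_calls:
        needed = required_privilege(method, path)
        if needed is not None and needed not in granted:
            missing[(method, path)] = needed
    return missing
```

Running this check at startup lets an application hide or disable features the current user's role cannot use, rather than discovering the gap through 403 responses.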

OAuth Scopes

In addition to the restrictions imposed by roles and their associated privileges, you can also use OAuth2 scopes to further restrict your application's access to Constant Contact resources. For more information, see the Authorization Scopes Overview.