Using client details only (No master API Key)

What I am aiming for is for clients to be able to login to my software and access their data. Without me supplying the master API Key.

I am using the dotnet wrapper.

I have started by using General.ApiKey() to get a clients APIkey, but as far as I can tell to actually create a client object (to get client information) I need a corresponding clientID which I cannot get without using the master API Key.

How do I get the clientID corresponding to the client API Key or am I going about this the wrong way?

Is there a better way to get client information with only the client credentials and the client API Key?

jamesd jamesd, 1 year ago

If a client attempts to get the list of clients using their own API key, they will only receive their own client record in the response (rather than all other clients in the account).

So you could do something like (simplified for brevity):

var key = General.ApiKey("http://client.createsend.com/", "client", "password");
CreateSendOptions.ApiKey = key;
var clients = General.Clients();
var id = clients[0].ClientID;
var client = new Client(id);
// ...

Hope that helps.

stuart576, 1 year ago

I have tried what you suggested above but have met another stumbling block. It appears during testing I was using account login credentials (with access to the master API Key). When I use client credentials I get a bad login error:

The CreateSend API responded with the following error - 105: Your login URL, username and password combination is incorrect.

Using the same credentials I can login to the web portal just fine. Do I have to set something up for the client?

Thanks

jamesd jamesd, 1 year ago

If the client has account access, the /apikey route should work.

Can you try this in a web browser:

https://api.createsend.com/api/v3/apikey.json?siteurl=prefix.createsend.com

Ensure that you replace "prefix" in the query string above with your own account prefix

When you receive the basic auth dialogue, enter the client's email address and password (the same details the client would use to login to Campaign Monitor).

If this is successful, you should receive a response containing the API key for the client in your browser - similar to this:

{"ApiKey":"301e3baf2929d8uw9q8uwd9q8uw9dwqdw44afdc9"}
stuart576, 1 year ago

That seems to be working and if I hardcode the API Key into CreateSendOptions.ApiKey then it all works wonderfully, but I still get the error above if I attempt to login using the General.ApiKey method. Do I need to encode the username or password at all?

My version of the Json library is 4.0.3.0 could this be a problem?

jamesd jamesd, 1 year ago

The error you posted is related to the call in the first line of the code I posted (getting the client's API key), so there is a problem with that call, not setting CreateSendOptions.ApiKey.

I have just tried the code I posted (slightly amended below), which works:

var key = General.ApiKey("http://client.createsend.com/", "client", "password");
CreateSendOptions.ApiKey = key;
var clients = General.Clients();
var id = clients.First().ClientID;
var client = new Client(id);
// ...

Are you sure you're using the correct value for the siteUrl parameter rather than just "http://client.createsend.com/" from the code above? If you use the correct values for all parameters, the code above will work as expected.

stuart576, 1 year ago

I copied and pasted your program into an empty project, added the dependencies, and replaced the siteURL, username and password with the ones I used in the browser to get the APIKey (which worked). But now I have error 108: Too many incorrect logins, please wait a while. Or words to that effect, so development is halted for the time being.

How long does this last?

It appears my IP is blacklisted, and my IP is static, is this black list permanent.

roshodgekiss roshodgekiss, 1 year ago

Hi stuart, just to let you know, the week here has wrapped up, so we'll have a response for you when everyone is back in the office on Monday. Sorry about the wait here!


Get in touch with us on Twitter: http://twitter.com/campaignmonitor
We're also on Facebook: http://facebook.com/campaignmonitor
jamesd jamesd, 1 year ago

Hey Stuart, that's not permanent (not a blacklisting), so API calls should definitely be working again for you now. If you're still having trouble, you can get in contact with support with your account details.

stuart576, 1 year ago

I seem to have found why it was not working for me, as I see it Campaign Monitor has a master/administrator account, clients (companies) and people (employees that use the software for the client).

People get assigned to clients, correct?

Clients and people both have logins.

I have been trying to login as Client_A which doesn't seem to be possible, But what does work is logging in as Person_A (has access to Client_A).

Is this how it all works, i.e. I cannot login as a client but can as a person?

jamesd jamesd, 1 year ago

Hey Stuart,

Yes, you can have multiple people at both the administrator and client level.

When you said above that you were using the "client credentials" to login, I assumed you meant the login details of a person with client access. Maybe you were still using an administrator's login details?

For your situation it sounds like you want to create a person with client access whose login details you will use to get the client API key.

Anyway, hope you have things sorted out now.

Sign up for free.
Then send campaigns for as little as $9p/m

Create an account