Grant Type Password

Your application's code needs to:

  • Store the returned access_token to use to authenticate all other endpoint requests until the token expires. (3600 seconds)
  • Store the returned refresh_token for the purpose of getting a new access_token after the access token expires.
  • Use the access token for all non-authentication related requests as specified by documentation for endpoints you are using. Access tokens expire in 3600 seconds.
  • To refresh a session, use the refresh token from the immediate prior session in a refresh request. When the refresh request is granted, the response contains another access token/refresh token pair.

The refresh token does not expire until a new initial access token request (a password or code grant type) or a refresh request occurs.

Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit.

Parameters

Name Parameter
Type
Allow
Multiple
Required/
Optional
Data Type Description
grant_type x-www-form-urlencoded False Required string The value must be 'password'.
username x-www-form-urlencoded False Required string The email address of a user in the Act-On account you are trying to access.
password x-www-form-urlencoded False Required string The password associated with the username.
client_id x-www-form-urlencoded False Required string The Client ID you received in your welcome email.
client_secret x-www-form-urlencoded False Required string The Client Secret you received in your welcome email.

Unlike most other endpoints, the URL for the authentication request does not have /api/1/ in the URL path. The token endpoint URL is just: https://restapi.actonsoftware.com/token.

Request

Response

Code Examples

cURL Request

NOTE: replace the placeholder text in brackets with your client id and password.

Refreshing Authentication

After the initial authentication, you’ll need to use the Refresh grant type to get a new access token before the current one’s hour-long lifespan expires.

OAuth
Grant Type Password
Grant Type Code
Grant Type Refresh
Account API
Get account information
Create new account user
Delete account users
Delete account user
Get email senders
Fact API
Upload custom events
Get upload custom event status
List API
Get listing of lists
Download a list
Create a new list
Update or merge a list
Get list upload status
Delete a list
Delete records from a list
Get hard bounce list
Get spam complaint list
Get optout list
Update optout list
Get subscription opt-outs by category
mergespecs
uploadspecs
Content API
Get logo list
Get a logo
Add a logo
Update a logo
Delete a logo
Get header list
Get a header
Add a header
Update a header
Delete a header
Get footer list
Get a footer
Add a new footer
Delete a footer
Update a footer
Get image list
Get an image
Add an image
Replace an image
Delete an image
Get media list
Get media file
Add a media file
Add a media link
Update Media File
Delete a media object
Get form list
Get promotional form URLs
Get page list
Get page
Delete page
Get promotional page URLs
Get list of programs
Reporting API
Get message report
Get message report drilldown
Get message report by time period
Get media report
Get media message report
Get a media view report
Get a media timeline report
Get form report
Get page report
Get spam complaint list
Get hard bounce list
Email Campaign API
Get message list
Send a message
Resend a message
Add new template or draft message
Update template or draft message
Delete a message
Get message report
Get message report drilldown
Get message report by time period
Get message HTML contents
Contact API
Add a contact
Get contact record
Upsert a contact record by email
Update a contact by record ID
Delete a contact
Get contact record ID based on cookie value
Get contact from list based on cookie ID or e-mail
Get contact fact and score data
Get subscription categories
Opt in/Opt out subscription category by email address
Get subscription category opt-ins by email
Opt in/Opt out multiple subscription categories by email address
SEO API
Get SEO keywords
Get a new SEO report
Frequently Asked Questions