What is it?
The MC Professional API resources are hosted on resource servers and allow a 3rd party client to interact with the organization's MC Professional data. The resources are defined by a JSON REST interface and are protected by the OAuth 2.0 authorization framework. The 3rd party client system must obtain an access token from the MC Professional authorization servers and include the access token when making calls to the MC Professional resource servers. The API Authorization page details how to obtain an access token.
The MC Professional API provides resources for the following types of data:
- Attributes
- Countries
- Groups
- Member Statuses
- Member Types
- Retrieve Profiles
- Update Profiles
- Profile Search
Resource Request
Scope
The scope requested when obtaining an access token should be set to "read" "write" or "read write".
Permissions
MC Professional API resources are protected by permissions and the data that is returned from resources can also be restricted further by permissions and other security settings. Access tokens issued by the authorization servers are tied to users in the MC Professional system. A user is assigned to groups, and groups are what determine the permissions that a user is given. Therefore, the access tokens are granted the permissions of the user who was authorized in the API Authorization process.
JSON
The MC Professional API is a JSON API and every resource request should include an Accept header set to application/json:
Accept: application/json
Using the Access Token
Every resource request must include an access token set on the Authorization header. The following is the format of the Authorization header:
Authorization: Bearer <accessToken>
- accessToken: the access token issued by the authorization server
Example
Using the example value below, the following is the resulting Authorization header:
- accessToken: eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NjcyMDU5OTUsInVzZXJfbmFtZSI6IjEwMDEzNDU2MzAiLCJzY29wZSI6WyJyZWFkIl0sInNlcnZpY2VJZCI6NzM0MCwiYXV0aG9yaXRpZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJJZCI6MTAwMTM0NTYzMCwianRpIjoiY2JhMTIyNGQtYmUyMi00YWJkLWEwOGItY2JmN2VjOTBmMTczIiwiY2xpZW50X2lkIjoiOFpnWnhWOUI4cmR3VlhKOGx6dWgifQ.ILtkgzP5CY0tTEyDdcHvu_rN3u1csgsN6UWJo98mfW4
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NjcyMDU5OTUsInVzZXJfbmFtZSI6IjEwMDEzNDU2MzAiLCJzY29wZSI6WyJyZWFkIl0sInNlcnZpY2VJZCI6NzM0MCwiYXV0aG9yaXRpZXMiOlsiUk9MRV9VU0VSIl0sInVzZXJJZCI6MTAwMTM0NTYzMCwianRpIjoiY2JhMTIyNGQtYmUyMi00YWJkLWEwOGItY2JmN2VjOTBmMTczIiwiY2xpZW50X2lkIjoiOFpnWnhWOUI4cmR3VlhKOGx6dWgifQ.ILtkgzP5CY0tTEyDdcHvu_rN3u1csgsN6UWJo98mfW4
Request Limits
To prevent Cloudflare from throttling requests from the site please put this rate limit into the application.
/api/*
10 requests per 1 second, Block for 30 seconds