RHarris RHarris - 22 days ago 5x
HTTP Question

Calling MailChimp API v3.0 with .Net

I'm trying to access our MailChimp account via the new 3.0 REST API. I've done the following:

using(var http = new HttpClient())
var creds = Convert.ToBase64String(Encoding.ASCII.GetBytes("username:mailchimpapikey-us1"));
http.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", creds);
string content = await http.GetStringAsync(@"https://us1.api.mailchimp.com/3.0/lists");

However, when I run this code, I get a 401 error with the following json details:

{"type":"http://kb.mailchimp.com/api/error-docs/401-api-key-invalid","title":"API Key Invalid","status":401,"detail":"Your API key may be invalid, or you've attempted to access the wrong datacenter.","instance":"a9fe4028-519e-41d6-9f77-d2caee4d4683"}

The datacenter I'm using in my URI (us1 in this example) matches the dc on my API key. My API key works if I use the MailChimp SDK so I know my key isn't invalid. Also, using Fiddler, I can see that the MailChimp SDK is calling the same dc as I'm doing in my URI.

Any Ideas as to why I am having trouble Authenticating?

As noted in the question, I'm asking specifically about accessing the new 3.0 REST API. I'm trying to do this directly as opposed to using a third party wrapper.

The new API is composed of http calls so it should be pretty straight forward. I'm simply having trouble with the authentication piece.


So I was able to finally chat with a super tech support person at MailChimp.

The MailChimp docs state the following

The easiest way to authenticate is using HTTP Basic Auth. Enter any string
as the username and supply your API Key as the password.
Your HTTP library should have built-in support for basic authorization.

Their documentation is a bit misleading. Typically the Auth header for Basic Auth would look like what I was sending:

Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

where the row of x would represent the base64 encoded username:password.

However, talking with the support tech, the actual implementation they use is:

Authorization: username keyid

No base64 encoding, no Basic keyword. Username doesn't even have to be your username.

So, here is the working code:

using(var http = new HttpClient())
   http.DefaultRequestHeaders.Authorization = 
        new AuthenticationHeaderValue("Basic", mailchimpapikey-us1);
   string content = await http.GetStringAsync(@"https://us1.api.mailchimp.com/3.0/lists");

EDIT Note the comments. TooMuchPete was correct in that the normal HTTP Basic Auth headers do work. Apparently I was hitting some old code or something on the MailChimp side.

I'm leaving the post as a reference for anyone who is trying to call the new 3.0 API.