Seed-List Management API

The Seed-List Management API is used for authentication, management of seeds, and account settings with regard to seeds.

Acquire and renew authentication tokens to invoke Marketing Cloud Engagement APIs via an AppExchange web app.

The flow described here relies on the offline access scope created with Installed Packages. With the offline scope, a refresh token is acquired that can be stored and used for up to 30 days (default). Partners would retrieve the TSSD (Tenant Specific Sub Domain) URL routes for SOAP or REST API calls and a refresh token for each MC Account. When the MC user isn’t logged in, the partner can still use the refresh token to invoke MC APIs in a background process to update and manage seed-lists.

For more information, see the public documentation for:

The PlantUML source for this diagram is at AppExchange MC API Auth Flow.


The endpoints for seed-list management include create, read, update, and delete (CRUD) operations on seed-lists. The following diagram shows a simplified authentication flow. For more detail on offline access see AppExchange WebApp Authentication Flow


Errors return a non 2xx status code and contain a JSON body with errorcode and message fields. See Handle Errors in REST API.

Permissions in Email > Content > Email determine access to the seed-list APIs.

The following table defines the permissions needed for a user to access the seed-list APIs. The partner app is set up with the required scopes and uses appropriate user permissions. The seed-list APIs return a 403: unauthorized response if the permission criteria isn't satisfied.

API ActionPath to User PermissionAPI Permission Scope
GETEmail > Content > Email > Viewemail_read
POSTEmail > Content > Email > Createemail_write
PUTEmail > Content > Email > Updateemail_write
PATCHEmail > Content > Email > Updateemail_write
DELETEEmail > Content > Email > Deleteemail_write