While reading instagram basic display api documentation I get the sense that we cannot use this api for authentication. As they write under the limitation as:
Authentication — Instagram Basic Display is not an authentication
solution. Data returned by the API cannot be used to authenticate your
app users or log them into your app. If you need an authentication
solution we recommend using Facebook Login instead.
But looking at their API reference I get they provide oauth tokens and authentication flow /scopes.
Their getting started guide also list down steps to setup app. Anyone please explain what I am missing there ? I am looking for social login solution using instagram, thanks.
Related
Facebook recently released a step-by-step documentation for using a GrapAPI to manage Instagram messages. To obtain the access token to use it, it's necessary to create an application in the developer center, enable login via Facebook and include the permissions "instagram_basic", "instagram_manage_messages" and "pages_manage_metadata" but to activate these options it's necessary to submit various information for approval as statement of how the integration works and descriptions of the usage flow. I don't have access to this information because I can't develop an integration without it being approved.
It's not possible to use the provided test user as the pages raised by him cannot be linked to Instagram accounts.
Tutorial followed: https://developers.facebook.com/docs/messenger-platform/instagram/get-started
Someone with some experience with the Facebook API could give me a light on how to obtain the token with access required and proceed the tests?
I have done the tutorial as well, I faced the same problem. To enable instagram_basic, instagram_manage_messages and pages_manage_metadata without app review you need to create a test-app. For test apps all permissions are granted without review.
Instructions on how to create a test-app
Another usefull tipp: If you are wondering why you need to implement facebook login to access the instagram messaging api, the logic is the following: You need to implement login to then use your own implementation to logg in your own account and obtain the page access key that will let you do api calls to the instagram messaging api. This process is obviously overkill and instagram is working on a way of getting that access token through the developer dashboard.
For now to obtain that access token you need:
implement facebook login as a simple html website and console log the response. Be sure to add the required permissions to the data-scope attribute of the facebook login button:
<div
class="fb-login-button"
data-scope="public_profile,email,instagram_basic,instagram_manage_messages,pages_manage_metadata,pages_messaging"
></div>
deploy to a website that has https enabled (logging in from
localhost will only work if you use a tunelling service like ngrok).
Open your website that has facebook login implemented and logg in with your facebook account that is also linked to the target instagram account and also is admin of your test-app.
get the access token from the response to call the other API endpoints.
I have an app that uses Instagram Login to use authenticate the users to the APP and the API which I using for this shown below
http://api.instagram.com/oauth/authorize/?client_id={client_id}&redirect_uri=http://localhost:8585&response_type=code
Is this API is going to deprecate should I move to Instagram basic display API for the same
Thanks in advance :)
Based on what is written here, you shouldn't use Instagram Basic Display API for authentication users to login to mobile app, but only to read and display data from Instagram. If your app uses API data to authenticate users, it will be rejected during App Review. You should use rather Facebook Login for authentication.
I want to add a 'Login with Instagram" button as a new feature to my application.
After reading the docs, I understood that the new API called - 'Instagram Basic Display Api' can't be used as an authentication solution.
"Data returned by the API cannot be used to authenticate your app users or log them into your app. If
you need an authentication solution we recommend using Facebook Login instead."
https://developers.facebook.com/docs/instagram-basic-display-api
If I understood the docs correctly they expect from the user to authenticate once with 'Facebook Login' as the primary authentication of the app and after that, the user needs to login in again to Instagram in order to get his basic profile.
Why can't Instagram be used as primary authentication? Anyone have a showcase to present that implement this flow?
Im starting to implement the Facebook apis into my website..
Where i am having trouble is understanding the oauth api. Maybe this inst the correct api?
Basically what i am trying to do is allow the user to sign in / register with Facebook and and storing that information in my database as a new user as i will be creating a profile from this. I would also like the user to be able to login with or without Facebook using his credentials. I understand he would have to create a password on my site. Is it practical to store his information .. Name Address email and other information.
I am very confused with the api and need help. reading through the documentation i cannot find where this explained.
Look at how to authenticate user using facebook login system on your website
About your question on storing emails, check facebook policies are mentioned here
Use graph api for accessing user details and other stuff
Hope this helps
Firstly I understand OpenId is for authentication and OAuth is for authorisation and unlike other questions on the site I am not asking which should be used for which but whether anyone can advise a solution for my issue.
I want to allow users to login to my site via their LinkedIn/Twitter/Facebook account once logged in say via LinkedIn they could also then authorise their Twitter and Facebook account as a optional login method. This would allow the user to authenticate via any of the three but end up with their user account on my site as the end result.
I also want to use the authorisation they have provided to get basic user details (profile pic/name etc) and post status updates.
I don't want to ask a user to login with their account via openId then have to authorise the same account again via oauth to allow my site to publish to their service feed and have to do this for each of the 3 services.
Any ideas or issues to this issue?
If you are using ASP.NET MVC, DotNetOpenAuth is an excellent solution for supporting OpenID/OAuth sites. StackOverflow is using it, and they are quite picky for the code they use in the site.
The integration if OpenID with DotNetOpenAuth is quite straightforward. I have not tried OAuth, but I don't expect it to be of any less quality.
Unfortunately, Facebook does not support OpenID/OAuth, so you need to use a different solution for it. The one I use is Clarity Consulting's Facebook Developer Toolkit. It works, although I do have certain complaints about the quality of the code; unfortunately I haven't found anything better yet. (Note: If anyone knows a better alternative, by all means let me know)
The basic integration of Facebook Connect with the Facebook Developer Toolkit is also relatively straightforward. However, their object model is somewhat messed up, due to their attempt to stay as close to the Facebook APIs, so the HTTP API patterns are bleeding through a lot. Still, it does the work.
Update: Now that Facebook announced that they'll be supporting OAuth 2.0, DotNetOpenAuth might turn out to be the best solution.
Have you looked into RPX?
https://rpxnow.com/
I don't want to ask a user to login with their account via openId then have to authorise the same account again via oauth to allow my site to publish to their service feed and have to do this for each of the 3 services.
I'm afraid you'll have to connect the user's account to each of the 3 services individually. What platform are you using to build your app? If it's Ruby, then a gem like OmniAuth looks promising.