Simple Tutorial for Getting an Instagram ClientID and Access Token

Simple Tutorial for Getting an Instagram ClientID and Access Token

I recently had to re-register my blog with my Instagram account and found I had no memory of doing it before, the reason is it’s such a painful process I had subconsciously vanquished it from my brain to end the nightmares.  Since I’ve had to do it again, I figure I’d try and create a nice simple step by step set of instructions for the process below.

For any lovers of instagram, I highly recommend checking out The Instagram Book: Inside The Online Photography Revolution!

Step 1: Register a New Client

  1. Instagram Register New Client-FormGo the Instagram developer website at http://instagram.com/developer/authentication/
  2. Complete the form, here’s a break down of what each field is:
    1. Application Name: An arbitrary descriptive name for your App (e.g. ‘My Blog’ or ‘Bobs App’)
    2. Description: A description of your app or service (e.g. ‘My Personal Blog Website’ or ‘Acme Company Booking App’)
    3. Website: This is the website url for your App or Service including the protocol (the ‘http://’) at the beginning (e.g. ‘http://bobmckay.com’).
    4. OAuth redirect_url: This <sarcasm>helpfully labelled field is another website url, it is simply the address to which users will be redirected after they are asked by Instagram to confirm or deny access to the account.
  3. You are now presented with a Client ID and the Redirect URL – copy and paste these somewhere (or leave the browser window open) as we need them for the next step.

Step 2: Authorize your App/Client

Copy the URL in the grey box below and replace the bits in UPPERCASE with the information you noted earlier on (Client ID and Redirect URL):

http://instagram.com/oauth/authorize/?client_id=YOURCLIENTIDHERE&redirect_uri=HTTP://YOURREDIRECTURLHERE.COM&response_type=token

Instagram Token Retrieval Authorize PromptPaste the updated URL in to your favourite browser and you will be taken to a page on Instragram that says something like, “Hello [Your Name], [Application Name] is requesting to do the following” followed by a list of permissions – click Authorize to enable and retrieve your token.

Click Authorize

Do NOT close the browser window on the next page as its needed exactly ‘as is’ for the final step.

Step 3: Retrieve Your Access Token

Instagram Token Retrieval Final StepYou should now have been redirect to the URL you set as your Redirect URL (in my case my blog).  At the end of the URL Instagram has directed you to is your access token as a very long series of letters and numbers.  It will almost certainly not all be visible so you’ll need to work a little to get it.  I recommend:

  1. Clicking in the address bar of your browser
  2. Hit CTRL + A on the keyboard to ‘Select All’
  3. Hit CTRL + C on the keyboard to ‘Copy
  4. Open a text editor such as Notepad and paste the URL there, you should now be presented with something like this:
http://bobmckay.com/#access_token=856946666.7338417.ffefasgtasg805784be6ab4f24965e79

Everything after the equals sign (=) is your access token so in my case this would be: 856946666.7338417.ffefasgtasg805784be6ab4f24965e79.

Security First

You should consider your access token as a password for your Instagram account and so shouldn’t be revealed to anyone (mine above are fictitious).

Bob McKay

About Bob McKay

Bob McKay works at Perfect Image, is a father, programmer and a self confessed techie-geek type.

Disclosure Policy

Bob on Google+

63 comments on «Simple Tutorial for Getting an Instagram ClientID and Access Token»

  1. Gale says:

    good golly thank you! For any using the GoDaddy managed wordpress, if it is in development on a temporary domain you may want to use a completely different Redirect URL than the website – and be sure and uncheck the Disable Implicit OAuth. That’s what worked for me anyway. I have no idea why, but trying to use the same Redirect and website URL on the temporary domain wouldn’t cut it.

    1. Bob McKay says:

      Hi Gale,

      I’m glad it helped and thanks for the extra info on temporary domains!

      Bob

      1. Anik says:

        same here – had to do this again today after my instafeed.js photo feed randomly stopped working. Thank you so much!

  2. faheed says:

    sorry i used botstagram app and i surely got the code, but when i use it on my password box in the account manager deniies why?? or is it a wrong step i have applied with the code coz i dont surely understand well please help me out…………

    1. Bob McKay says:

      Hi Faheed,

      I’m sorry buddy – it’s been a long time since I did this and I don’t even know what botsagram is! All I can suggest is to start again, carefully working through *every* step above.

      1. Tilak says:

        Bob are you on instagram…need to get a private tall with u..plz

        1. Bob McKay says:

          Tilak, what is it you need to talk about?

  3. moni says:

    plzz tell me how to get code and access token programitically in VB asp.net for instagram

    1. Bob McKay says:

      Hi Moni,

      Thanks for the post – sorry I don’t work in ASP.NET!

  4. Thank you, you saved my project, i’ve been searching this token problem with my project cause “token invalid” , and i found your blog, thats worked for me using url that you given , thank you again!

    1. Bob McKay says:

      Hey Adi,

      Thanks for the comment – glad it helped!

      1. buddy says:

        Hey if u get me somebodys location on instagram im willing to pay my email is badar.xxxxxxx@gmail.com

        1. Bob McKay says:

          Hi Badar,
          Sorry – I’m not really sure what you mean? Are you trying to find someone?

  5. Alphonso says:

    Hey, Bob.

    Great post; however, I am having a bit of a problem. Instagram won’t accept the same url as a redirect URI. My website is a tumblr page I haven’t yet purchased the domain to. Is that what’s hindering me?

    1. Bob McKay says:

      Hi Alphonso,
      Sorry, I’ve never used Tumblr so not sure!

  6. Angie says:

    Hi Bob! I’m trying to do that, bit when I try to request my token it gives me an error:

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}

    And I don’t know what i should do

    1. Bob McKay says:

      Hi Angie,

      It looks like this may be caused by a change to default behaviour by Instagram, I found these instructions:

      Go to Manage clients under instagram/developer. Then click edit under your app and uncheck Disable Implicit OAuth. It will now work as intended.

      Here: http://teamtreehouse.com/forum/oauth-error-403

      Hope this helps!

  7. Arun says:

    Bob, ur amazing!!!
    i have been troubleshooting this issue and wasted like more than 2 hrs.. was literally frustrated!!
    THANKS FOR YOUR HELP 🙂
    cheers

    1. Bob McKay says:

      Hey Arun,

      Thanks for the comment and glad this helped! 🙂

      1. Joe says:

        This helped me too! I was getting the 403 error but your info was very helpful. Appreciate your response.

  8. Mark says:

    Bob…………..

    Nice to meet you……………no problem getting the access token……………when a user tries to login in using instagram, we get this message………..”{“code”: 400, “error_type”: “OAuthException”, “error_message”: “Redirect URI does not match registered redirect URI”}”

    I’ve checked and they match………….

    Any thoughts?

    Thanx and thanx for writing about this !!!!!!!!!!

    Mark

    1. Bob McKay says:

      Hey Mark,

      Thanks for the comments but sorry buddy I don’t know – all I can suggest is the obvious stuff (double check they are the same case, whitespace, etc).

      Good luck!

      1. Mark says:

        Thanx !!!!!!!!!!!
        Mark

    2. Navin says:

      @Mark, check for trailing slashes. I had the same issue until I put a trailing slash in, because it was also there in the permissions list.

  9. Vikita says:

    Hey Bob,
    I want to get all the images of a registered instagram user with the help of username only.Any idea about this???
    Thanks in advance

  10. Thanks it help. I need it for my client. I worked bro. You rocks 🙂

  11. Androniki says:

    Thank you very much!!!

    Great work!

    I would add also the link to overcome the following error I faced when I followed the instructions.

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”:”Implicit authentication is disabled”}
    Solution: Go to Manage clients under instagram/developer. Then click edit under your app and uncheck Disable Implicit OAuth. It will now work as intended.

    Link I found the solution: http://teamtreehouse.com/community/oauth-error-403

    1. Sam Ramezanli says:

      Thank you so much for adding this man.

  12. airnold says:

    hi~ now iam trying to login using istagram authentication.. iam using ionic with angularjs and ngCordova oauth

    $cordovaOauth.instagram(“CLIENT_ID”, [“basic”,”comments”, “relationships”]).then(function(result) {
    console.log(result);
    });

    my console output only access_token.. where can i get user infomation ?? as instagram developer site,

    return data is

    {
    “access_token”: “fb2e77d.47a0479900504cb3ab4a1f626d174d2d”,
    “user”: {
    “id”: “1574083”,
    “username”: “snoopdogg”,
    “full_name”: “Snoop Dogg”,
    “profile_picture”: “…”
    }
    }

    but my return data only
    { access_token: ‘2201825163.d215aee.1dd5c12d18c94905bf12034e8cff80ae’ }

    help me !

    1. Bob McKay says:

      Hi Airnold,
      Sorry but this only covers retrieving an access token from Instagram, not logging in with one! I’d trying the Cordova forums for help!

  13. Brittney says:

    I’m getting this 🙁

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}

  14. Asad says:

    Thanks Bro ! it worked

  15. Gloria says:

    Hi Bob, great instructions! But everytime I press authorise, it takes me to my website without any codes after it. Simply my URL. Can you advise?

  16. Krl says:

    I got this error
    code :403 , error_type: OAuthForbiddenException, error_message: You are not a sandbox user of this client

    1. aaa says:

      how to solved this problem? i have de same problem.

  17. sandis laxman says:

    what i put in website url and Valid redirect URI
    Privacy Policy URL

    while develop an android app ..plz give answer..

    1. Bob McKay says:

      Hi Sandis, everything you need to know is in the post

  18. Silent says:

    Having troubles with this
    after pasting and editing the link I always get this:
    {“code”: 400, “error_type”: “OAuthException”, “error_message”: “Invalid Client ID”}
    what should I do? I copied and pasted CLIENT ID from my app page but the problem is still there
    thanks in advance!

  19. Shimaa says:

    Hi,
    I got this error
    {“code”: 400, “error_type”: “OAuthException”, “error_message”: “Only response type \”code\” and \”token\” is allowed”}

    thanks in advance

  20. devios says:

    code :403 , error_type: OAuthForbiddenException, error_message: You are not a sandbox user of this client
    How do we handle such issue ?

    1. aaa says:

      how to solved this problem? i have de same problem.

  21. jose says:

    Nice tutorial, thanks for help

  22. santosh yadav says:

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}

    How i handle this error

  23. lovkesh sharma says:

    thnks

  24. Pankaj says:

    The tokens provided by Instagram do not have infinite validity. Instagram can invalidate these tokens and therefore the application using the token would stop working.
    Is there any method to get the access tokens programatically?
    I have been trying to do so through an ‘HttpRequest’ in C# but I am running into issue.

  25. Gina says:

    thanks a bunch for your tips!

  26. Jake says:

    Hi you know the app instafollow that tells you who blocked you and who unfollowed you. It won’t let me log in whenever I try log in it says
    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”} Please help me

  27. Dave says:

    I don’t think this works anymore. The URL in step two now returns the following JSON object:
    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}

    Instagram seems to be making it hard to use their service. It’s like they don’t want people to use it. 🙁

    Twitter is MUCH easier to embed. Photos can be posted there and the responsive grid is quite nice too. I may drop Instagram in favor of Twitter and just hope Twitter can pull out of the slow death spiral it’s in right now. lol

    1. Dave says:

      After posting I realized others had posted the same problem and the solution was to uncheck the “disable implicit oauth” box. I did that and then got an error like Mark saying the redirect URL wasn’t the same. It turns out that I had “http://ravenflight.net” in the URL and the redirect url in the developer console had just “ravenflight.net” It seems like these should be equivalent but they’re not. Removing the “http://” from the url parameter fixed that problem. After that it took me to a page saying the app was in sandbox mode and could only be authorized by sandbox users, which I assume I am, and it had an “Authorize” button. I clicked the button and it sent me to a 404 page. Now the URL from step 2, which before took me to the authorize page, is just 404. No access_token anywhere.

      I think Instagram hates it’s users. This is WAY harder than it should be. 🙁

    2. I got this working after Instagram changed their API on June 1, 2016.
      Once you’ve created your sandbox app, follow the instructions at the bottom of the API Authentication page page under “Client-Side (Implicit) Authentication” to get your access token.
      http://www.instagram.com/developer/authentication/

      Note that your app can only read your own posts. If you need extended permissions you’ll have to submit your app for review.

  28. Kenny says:

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}

  29. Ignasi says:

    Sorry, I am quite lost, because I paste the STEP 2 link and that’s all, I cannot continue from there… thanks!

  30. geetika says:

    thankx so much it work grt…. but i want to login in my own app in ios……
    how it will plz help me….

  31. geetika says:

    hii.. my console output is responseDict –> {
    code = 400;
    “error_message” = “Invalid Client ID”;
    “error_type” = OAuthException;
    }
    but i want this return data:
    {
    “access_token”: “fb2e77d.47a0479900504cb3ab4a1f626d174d2d”,
    “user”: {
    “id”: “1574083”,
    “username”: “snoopdogg”,
    “full_name”: “Snoop Dogg”,
    “profile_picture”: “…”
    }
    }

    plz help me i want ur suggestion plz dont ignore this ….

  32. dc says:

    hi , i wanna save instagram pics to my camera roll , so i an app called ” like2save” then i login ,but there’s notification that i am not client of this sandbox user, but i already have token stuff you said above, so can save pic from another app ?

  33. Hi Bob, maybe a little off topic but related to access tokens – since a “plugin” like instafeed requires the access token to be written into the code, which is accessible by pretty much anyone that knows how to use dev tools, how do you suggest I can protect my access token from misuse?

    1. Bob McKay says:

      Hi William,

      There’s no way I can think of other than having your App talk to your own API hosted somewhere (AWS or Azure) and then have that in turn authenticate to Instagram.

  34. seun says:

    I got this error:

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}

  35. YsN says:

    Hey,
    First of all thanks a lot for preparing that tutorial. I’ve a question. How to share feeds of another accounts.(E.g. of a friends or customers instagram account).
    I’ve already created an access token from my own profile and invited him to be a sandbox user and he accepted it already. Is it possible to share their feeds. Or do I need the access token of the other account.
    Thanks in regards

  36. Nuzhat says:

    Hi Bob,
    I am getting following error in Instagram integration:

    {“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}
    Please help me out.
    Thanks in advance.

  37. Tik. says:

    Thanks a lot. I was able to get an access token.

  38. Omar says:

    Nice tute and straight to the point.
    Many thanks.

  39. ali says:

    i problem to accsess token
    {“error_type”: “OAuthException”, “code”: 400, “error_message”: “Redirect URI does not match registered redirect URI”}
    fixed problem please

Leave a Reply

Your email address will not be published. Required fields are marked *