I recently had to re-register my blog with my Instagram account and found I had no memory of doing it before, the reason is it’s such a painful process I had subconsciously vanquished it from my brain to end the nightmares. Since I’ve had to do it again, I figure I’d try and create a nice simple step by step set of instructions for the process below.
For any lovers of instagram, I highly recommend checking out The Instagram Book: Inside The Online Photography Revolution!
Step 1: Register a New Client
Go the Instagram developer website at http://instagram.com/developer/authentication/- Complete the form, here’s a break down of what each field is:
- Application Name: An arbitrary descriptive name for your App (e.g. ‘My Blog’ or ‘Bobs App’)
- Description: A description of your app or service (e.g. ‘My Personal Blog Website’ or ‘Acme Company Booking App’)
- Website: This is the website url for your App or Service including the protocol (the ‘http://’) at the beginning (e.g. ‘http://bobmckay.com’).
- OAuth redirect_url: This <sarcasm>helpfully labelled field is another website url, it is simply the address to which users will be redirected after they are asked by Instagram to confirm or deny access to the account.
- You are now presented with a Client ID and the Redirect URL – copy and paste these somewhere (or leave the browser window open) as we need them for the next step.
Step 2: Authorize your App/Client
Copy the URL in the grey box below and replace the bits in UPPERCASE with the information you noted earlier on (Client ID and Redirect URL):
http://instagram.com/oauth/authorize/?client_id=YOURCLIENTIDHERE&redirect_uri=HTTP://YOURREDIRECTURLHERE.COM&response_type=token
Paste the updated URL in to your favourite browser and you will be taken to a page on Instragram that says something like, “Hello [Your Name], [Application Name] is requesting to do the following” followed by a list of permissions – click Authorize to enable and retrieve your token.
Click Authorize
Do NOT close the browser window on the next page as its needed exactly ‘as is’ for the final step.
Step 3: Retrieve Your Access Token
You should now have been redirect to the URL you set as your Redirect URL (in my case my blog). At the end of the URL Instagram has directed you to is your access token as a very long series of letters and numbers. It will almost certainly not all be visible so you’ll need to work a little to get it. I recommend:
- Clicking in the address bar of your browser
- Hit CTRL + A on the keyboard to ‘Select All’
- Hit CTRL + C on the keyboard to ‘Copy‘
- Open a text editor such as Notepad and paste the URL there, you should now be presented with something like this:
http://bobmckay.com/#access_token=856946666.7338417.ffefasgtasg805784be6ab4f24965e79
Everything after the equals sign (=) is your access token so in my case this would be: 856946666.7338417.ffefasgtasg805784be6ab4f24965e79.
Security First
You should consider your access token as a password for your Instagram account and so shouldn’t be revealed to anyone (mine above are fictitious).
good golly thank you! For any using the GoDaddy managed wordpress, if it is in development on a temporary domain you may want to use a completely different Redirect URL than the website – and be sure and uncheck the Disable Implicit OAuth. That’s what worked for me anyway. I have no idea why, but trying to use the same Redirect and website URL on the temporary domain wouldn’t cut it.
Hi Gale,
I’m glad it helped and thanks for the extra info on temporary domains!
Bob
same here – had to do this again today after my instafeed.js photo feed randomly stopped working. Thank you so much!
sorry i used botstagram app and i surely got the code, but when i use it on my password box in the account manager deniies why?? or is it a wrong step i have applied with the code coz i dont surely understand well please help me out…………
Hi Faheed,
I’m sorry buddy – it’s been a long time since I did this and I don’t even know what botsagram is! All I can suggest is to start again, carefully working through *every* step above.
Bob are you on instagram…need to get a private tall with u..plz
Tilak, what is it you need to talk about?
plzz tell me how to get code and access token programitically in VB asp.net for instagram
Hi Moni,
Thanks for the post – sorry I don’t work in ASP.NET!
Thank you, you saved my project, i’ve been searching this token problem with my project cause “token invalid” , and i found your blog, thats worked for me using url that you given , thank you again!
Hey Adi,
Thanks for the comment – glad it helped!
Hey if u get me somebodys location on instagram im willing to pay my email is [email protected]
Hi Badar,
Sorry – I’m not really sure what you mean? Are you trying to find someone?
Hey, Bob.
Great post; however, I am having a bit of a problem. Instagram won’t accept the same url as a redirect URI. My website is a tumblr page I haven’t yet purchased the domain to. Is that what’s hindering me?
Hi Alphonso,
Sorry, I’ve never used Tumblr so not sure!
Hi Bob! I’m trying to do that, bit when I try to request my token it gives me an error:
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}
And I don’t know what i should do
Hi Angie,
It looks like this may be caused by a change to default behaviour by Instagram, I found these instructions:
Here: http://teamtreehouse.com/forum/oauth-error-403
Hope this helps!
It may be because your app may be in Sanbox mode. At this time you can logIn with developer id where you have add App.
Bob, ur amazing!!!
i have been troubleshooting this issue and wasted like more than 2 hrs.. was literally frustrated!!
THANKS FOR YOUR HELP 🙂
cheers
Hey Arun,
Thanks for the comment and glad this helped! 🙂
This helped me too! I was getting the 403 error but your info was very helpful. Appreciate your response.
Bob…………..
Nice to meet you……………no problem getting the access token……………when a user tries to login in using instagram, we get this message………..”{“code”: 400, “error_type”: “OAuthException”, “error_message”: “Redirect URI does not match registered redirect URI”}”
I’ve checked and they match………….
Any thoughts?
Thanx and thanx for writing about this !!!!!!!!!!
Mark
Hey Mark,
Thanks for the comments but sorry buddy I don’t know – all I can suggest is the obvious stuff (double check they are the same case, whitespace, etc).
Good luck!
Thanx !!!!!!!!!!!
Mark
@Mark, check for trailing slashes. I had the same issue until I put a trailing slash in, because it was also there in the permissions list.
Hey Bob,
I want to get all the images of a registered instagram user with the help of username only.Any idea about this???
Thanks in advance
Thanks it help. I need it for my client. I worked bro. You rocks 🙂
Thank you very much!!!
Great work!
I would add also the link to overcome the following error I faced when I followed the instructions.
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”:”Implicit authentication is disabled”}
Solution: Go to Manage clients under instagram/developer. Then click edit under your app and uncheck Disable Implicit OAuth. It will now work as intended.
Link I found the solution: http://teamtreehouse.com/community/oauth-error-403
Thank you so much for adding this man.
hi~ now iam trying to login using istagram authentication.. iam using ionic with angularjs and ngCordova oauth
$cordovaOauth.instagram(“CLIENT_ID”, [“basic”,”comments”, “relationships”]).then(function(result) {
console.log(result);
});
my console output only access_token.. where can i get user infomation ?? as instagram developer site,
return data is
{
“access_token”: “fb2e77d.47a0479900504cb3ab4a1f626d174d2d”,
“user”: {
“id”: “1574083”,
“username”: “snoopdogg”,
“full_name”: “Snoop Dogg”,
“profile_picture”: “…”
}
}
but my return data only
{ access_token: ‘2201825163.d215aee.1dd5c12d18c94905bf12034e8cff80ae’ }
help me !
Hi Airnold,
Sorry but this only covers retrieving an access token from Instagram, not logging in with one! I’d trying the Cordova forums for help!
I’m getting this 🙁
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}
Thanks Bro ! it worked
Hi Bob, great instructions! But everytime I press authorise, it takes me to my website without any codes after it. Simply my URL. Can you advise?
I got this error
code :403 , error_type: OAuthForbiddenException, error_message: You are not a sandbox user of this client
how to solved this problem? i have de same problem.
what i put in website url and Valid redirect URI
Privacy Policy URL
while develop an android app ..plz give answer..
Hi Sandis, everything you need to know is in the post
Having troubles with this
after pasting and editing the link I always get this:
{“code”: 400, “error_type”: “OAuthException”, “error_message”: “Invalid Client ID”}
what should I do? I copied and pasted CLIENT ID from my app page but the problem is still there
thanks in advance!
Hi,
I got this error
{“code”: 400, “error_type”: “OAuthException”, “error_message”: “Only response type \”code\” and \”token\” is allowed”}
thanks in advance
code :403 , error_type: OAuthForbiddenException, error_message: You are not a sandbox user of this client
How do we handle such issue ?
how to solved this problem? i have de same problem.
Nice tutorial, thanks for help
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}
How i handle this error
thnks
The tokens provided by Instagram do not have infinite validity. Instagram can invalidate these tokens and therefore the application using the token would stop working.
Is there any method to get the access tokens programatically?
I have been trying to do so through an ‘HttpRequest’ in C# but I am running into issue.
thanks a bunch for your tips!
Hi you know the app instafollow that tells you who blocked you and who unfollowed you. It won’t let me log in whenever I try log in it says
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”} Please help me
I don’t think this works anymore. The URL in step two now returns the following JSON object:
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}
Instagram seems to be making it hard to use their service. It’s like they don’t want people to use it. 🙁
Twitter is MUCH easier to embed. Photos can be posted there and the responsive grid is quite nice too. I may drop Instagram in favor of Twitter and just hope Twitter can pull out of the slow death spiral it’s in right now. lol
After posting I realized others had posted the same problem and the solution was to uncheck the “disable implicit oauth” box. I did that and then got an error like Mark saying the redirect URL wasn’t the same. It turns out that I had “http://ravenflight.net” in the URL and the redirect url in the developer console had just “ravenflight.net” It seems like these should be equivalent but they’re not. Removing the “http://” from the url parameter fixed that problem. After that it took me to a page saying the app was in sandbox mode and could only be authorized by sandbox users, which I assume I am, and it had an “Authorize” button. I clicked the button and it sent me to a 404 page. Now the URL from step 2, which before took me to the authorize page, is just 404. No access_token anywhere.
I think Instagram hates it’s users. This is WAY harder than it should be. 🙁
I got this working after Instagram changed their API on June 1, 2016.
Once you’ve created your sandbox app, follow the instructions at the bottom of the API Authentication page page under “Client-Side (Implicit) Authentication” to get your access token.
http://www.instagram.com/developer/authentication/
Note that your app can only read your own posts. If you need extended permissions you’ll have to submit your app for review.
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}
Sorry, I am quite lost, because I paste the STEP 2 link and that’s all, I cannot continue from there… thanks!
thankx so much it work grt…. but i want to login in my own app in ios……
how it will plz help me….
hii.. my console output is responseDict –> {
code = 400;
“error_message” = “Invalid Client ID”;
“error_type” = OAuthException;
}
but i want this return data:
{
“access_token”: “fb2e77d.47a0479900504cb3ab4a1f626d174d2d”,
“user”: {
“id”: “1574083”,
“username”: “snoopdogg”,
“full_name”: “Snoop Dogg”,
“profile_picture”: “…”
}
}
plz help me i want ur suggestion plz dont ignore this ….
hi , i wanna save instagram pics to my camera roll , so i an app called ” like2save” then i login ,but there’s notification that i am not client of this sandbox user, but i already have token stuff you said above, so can save pic from another app ?
Hi Bob, maybe a little off topic but related to access tokens – since a “plugin” like instafeed requires the access token to be written into the code, which is accessible by pretty much anyone that knows how to use dev tools, how do you suggest I can protect my access token from misuse?
Hi William,
There’s no way I can think of other than having your App talk to your own API hosted somewhere (AWS or Azure) and then have that in turn authenticate to Instagram.
I got this error:
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “Implicit authentication is disabled”}
Hey,
First of all thanks a lot for preparing that tutorial. I’ve a question. How to share feeds of another accounts.(E.g. of a friends or customers instagram account).
I’ve already created an access token from my own profile and invited him to be a sandbox user and he accepted it already. Is it possible to share their feeds. Or do I need the access token of the other account.
Thanks in regards
Hi Bob,
I am getting following error in Instagram integration:
{“code”: 403, “error_type”: “OAuthForbiddenException”, “error_message”: “You are not a sandbox user of this client”}
Please help me out.
Thanks in advance.
Thanks a lot. I was able to get an access token.
Nice tute and straight to the point.
Many thanks.
i problem to accsess token
{“error_type”: “OAuthException”, “code”: 400, “error_message”: “Redirect URI does not match registered redirect URI”}
fixed problem please
How can i send any post to users whom i do not follow