Establishing a Connection
Authenticating to Instagram
Instagram uses the OAuth authentication standard
Authenticate via OAuth AuthentiationIn this OAuth flow, you can connect without setting any connection properties for your user credentials. Click Connect and the provider opens the Instagram OAuth endpoint. Log in and grant permissions to the provider. The provider then completes the OAuth process.
Instead of connecting with the provider's embedded credentials, you can register an app to obtain the OAuthClientId and OAuthClientSecret.
When to Create a Custom OAuth App
You need to create a custom OAuth app in the web flow.
Creating a custom OAuth app is optional as the provider is already registered with Instagram and you can connect with its embedded credentials. You might want to create a custom OAuth app to change the information displayed when users log into the Instagram OAuth endpoint to grant permissions to the provider.
Creating a custom OAuth app is optional to authenticate a headless machine; the provider is already registered with Instagram and you can connect with its embedded credentials. In the headless OAuth flow, users need to authenticate via a browser on another machine. You might want to create a custom OAuth app to change the information displayed when users log into the Instagram OAuth endpoint to grant permissions to the provider.
Creating a Custom OAuth App
When to Create a Custom OAuth AppCreating a custom OAuth app is required in the web flow. Creating a custom OAuth app is optional for desktop and headless applications; the provider is already registered with Instagram and you can connect with its embedded credentials.
You might want to create a custom OAuth app to change the information displayed when users log into the Instagram OAuth endpoint to grant permissions to the provider.
Allowing Access to Instagram Data
To allow users to connect through the provider, you will complete the tasks below:
- Connect a Facebook Page to an Instagram account.
- Register the provider as an app with Instagram.
- Submit your app for Facebook's review.
Connect a Facebook Page to an Instagram Account
To access Instagram data, users need a role on a page that is associated with an Instagram account. (Any user with a role on the page will have access.)
To connect a page and an Instagram account, log into Facebook and from your Page's settings click Instagram, then log into your Instagram account. If your account is not an Instagram Business Account, follow the prompts to set up a business profile.
Register an App
Register an app to obtain the values for the OAuthClientId and OAuthClientSecret properties. The OAuth client credentials authenticate the provider to Facebook.
- Log into Facebook and navigate to https://developers.facebook.com/apps.
- Create a new app and click Settings > Basic. The OAuthClientId is the App Id displayed. The OAuthClientSecret is the App Secret.
- Click Add Platform and select Website. Enter a Site URL. This value is not used in authentication.
Add the Facebook Login Product
In this step you will configure the OAuth redirect URI.
- Go to your app settings and add the Facebook Login product from the Products section.
- In the product settings, define the OAuth redirect URI.
If you are making a desktop application, set the redirect URI to https://localhost:33333/, or some other similar https url.
If you are making a web application, set the redirect URI you want to be used as a callback URL, where the user will return with the token that verifies that they have granted your app access.
Add the Instagram API Product
In this step you will configure the Instagram API permissions your app will request.
- Go to your app settings and add the Instagram product from the Products section.
- Configure the permissions in the product settings. In order to access all the tables and views, include the following scopes: instagram_basic, instagram_manage_comments, instagram_manage_insights.
Submit the App for Review to Go Live
While you can still with an application without review, to go live and fully access Instagram content, you will need to submit your application for review and approval.
- Click the Manage button for your application and on the Permissions tab click Start a Submission.
- Select the use case that best describes your Instagram integration.
- Fill the form and wait for your application to be approved.
Authenticate to Instagram from a Desktop Application
After setting the following connection properties, you are ready to connect:
- OAuthClientId: Set this to the App Id for your OAuth app.
- OAuthClientSecret: Set this to the App Secret for your OAuth app.
- InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
- BusinessAccountId: If you have more than one Facebook page connected with an Instagram account, set the BusinessAccountId connection property to specify the Id of a business account you have associated with a Facebook page.
You can get a business account Id by querying the Page view.
- Extracts the access token from the callback URL and authenticates requests.
- Obtains a new access token when the old one expires.
- Saves OAuth values in OAuthSettingsLocation to be persisted across connections.
Authenticate to Instagram from a Web Application
Follow the steps below to use the provider to get the OAuth token values and connect from a web application.
Get an Access Token
Set the following connection properties to obtain the OAuthAccessToken:
- OAuthClientId: Set this to the App Id in your app settings.
- OAuthClientSecret: Set this to the App Secret in your app settings.
You can then call stored procedures to complete the OAuth exchange:
- Call the GetOAuthAuthorizationURL stored procedure. Set the AuthMode input to WEB and set the CallbackURL input to the OAuth redirect URI you specified in your app settings. The stored procedure returns the URL to the OAuth endpoint.
- Log in and authorize the application. You are redirected back to the callback URL.
The callback URL contains the verifier code in a query string parameter. Extract the verifier code from the callback URL.
- Set the following parameters and call GetOAuthAccessToken:
Name Value AuthMode WEB Verifier Set this to the verifier code. CallbackURL Set this to the callback URL in your app settings.
Connect to DataTo make requests to Instagram, set the OAuthAccessToken property. The OAuthAccessToken has a limited lifetime. When the token expires, you need to call the preceding stored procedures to reauthenticate.
Connect to Multiple Pages
If you have more than one Facebook page connected with an Instagram business account, set BusinessAccountId in addition to OAuthAccessToken. The BusinessAccountId property specifies the Id of a business account you have associated with a Facebook page.
You can get a business account Id by querying the Page View.
Customizing the SSL Configuration
By default, the provider attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store. To specify another certificate, see the SSLServerCert property for the available formats to do so.
Connecting Through a Firewall or Proxy
To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.
In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.
Set the following properties:
- To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
- To tunnel the connection, set FirewallType to TUNNEL.
- To authenticate, specify FirewallUser and FirewallPassword.
- To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.
Troubleshooting the Connection
To show provider activity from query execution to network traffic, use Logfile and Verbosity. The examples of common connection errors below show how to use these properties to get more context. Contact the support team for help tracing the source of an error or circumventing a performance issue.
- Authentication errors: Typically, recording a Logfile at Verbosity 4 is necessary to get full details on an authentication error.
- Queries time out: A server that takes too long to respond will exceed the provider's client-side timeout. Often, setting the Timeout property to a higher value will avoid a connection error. Another option is to disable the timeout by setting the property to 0. Setting Verbosity to 2 will show where the time is being spent.
- The certificate presented by the server cannot be validated: This error indicates that the provider cannot validate the server's certificate through the chain of trust. If you are using a self-signed certificate, there is only one certificate in the chain.
To resolve this error, you must verify yourself that the certificate can be trusted and specify to the provider that you trust the certificate. One way you can specify that you trust a certificate is to add the certificate to the trusted system store; another is to set SSLServerCert.