Instagram Basic API access token invalid

0
votes

I'm trying to integrate with the new instagram api as my feed is no longer working, i have setup my app and give it the necessary things, when i make the request so in my case

https://api.instagram.com/oauth/authorize?client_id={instagram app id}&redirect_uri={redirect_uri}&scope=user_profile,user_media&response_type=code

it takes me to instagram asks me to sign in with the instagram i am then redirected back to the redirect uri and in the url it has the following ?code=XXXXX and then a big long string of what i assume is the access token but when i try using it it doesn't work i tried pasting it in the facebook access token debugger and it says "Invalid OAuth access token."

this is how i am trying to use it https://graph.instagram.com?fields=media_url&access_token=XXXXX

1
instagraminstagram-api

1 Answers

0
votes

No, that "code" part is not the access token. But you need it to take access token. When you have "code=XXXXX#_" take the "XXXXX" part. Notice - you need to remove "#_" in the end.

Then you have to make POST request like they say in the docs. Dependent of what tech you use you can make it with internal functions. E.h. in Rails you can use Curl::Easy.http_post()

They use this bash line:

curl -X POST \ https://api.instagram.com/oauth/access_token \ -F client_id={app-id} \ -F client_secret={app-secret} \ -F grant_type=authorization_code \ -F redirect_uri={redirect-uri} \ -F code={code}

client_id = your instagram client id

client_secret = your secret.

(you can find both in facebook developer page under you Instagram Basic Display tab.

grant_type=authorization_code (leave it like it is here)

redirect_uri = this is the page where you will be navigated after you get the token

code = "XXXXX" part from the "code=XXXXX"

In server response you will receive the object with user_id and access_token fields. Notice that this token expires in 1 hour. But you can exchange it for 60 days long term token.

Use this pattern to get it:

https://graph.instagram.com/access_token?grant_type=ig_exchange_token&client_secret=#{YOUR_CLIENT_SECRET}&access_token=#{SHORT_TERM_TOKEN_YOU_JUST_RECEIVED]

It should return object with 2 fields: a long life token itself and the number of seconds until expiry.

Hope it helps.