CODEWITHSUNDEEP
oauthinstagraminstagram-api
Steven Oxley
Steven Oxley

Reputation: 6723

Adding a query parameter to the Instagram auth redirect_uri doesn't work?

Steps to reproduce

  1. Register a redirect_uri in the client: http://example.com/publisher/auth
  2. Direct a user to the /oauth/authorize endpoint with the redirect_uri including a query parameter: 
    https://api.instagram.com/oauth/authorize/?client_id=xxx&redirect_uri=http%3A%2F%2Fexample.com%2Fpublisher%2Fauth%3FinviteId%3D00001000-cf33-11e4-9f26-8789dd0b3e01&response_type=code&scope=basic&type=web_server
    For reference, those query parameters are: 
    client_id=xxx
redirect_uri=http%3A%2F%2Fexample.com%2Fpublisher%2Fauth%3FinviteId%3D00001000-cf33-11e4-9f26-8789dd0b3e01
response_type=code
scope=basic
type=web_server
  3. Authenticate an instagram user and allow the app.
  4. The user is redirected back to the correct redirect_uri.
  5. Use the code query parameter from the redirected URI to post to Instagram's /oauth/access_token endpoint.

Expected behavior

The endpoint responds with 200 and an access token.

ACTUAL behavior

The endpoint responds with:


code=400
error_type = 'OAuthException'
error_message = 'Redirect URI doesn't match original redirect URI'

What I've Investigated So Far

To confirm that this is a problem with Instagram, I checked the API docs which very clearly state that adding query parameters to the redirect URI should be possible. I also tried varying only that query parameter. For example, when replaced with this /oauth/authorize URL I get the expected behavior:

https://api.instagram.com/oauth/authorize/?type=web_server&client_id=xxx&redirect_uri=http%3A%2F%2Fexample.com%2Fpublisher%2Fauth&response_type=code&scope=basic

For reference, those query parameters are:

client_id=xxx
redirect_uri=http%3A%2F%2Fexample.com%2Fpublisher%2Fauth
response_type=code
scope=basic
type=web_server

Notes

This question is actually a duplicate of another question which actually didn't really turn out to be a question, and which never got any answers.

I have submitted a bug with Instagram, but I wanted to see if anyone had found this or come up with a workaround.

Upvotes: 15

Views: 6026

Answers (3)

ssbarbee
ssbarbee

Reputation: 1712

Had the same issue today. To get the custom data passed between requests you must include it as state param. My authorize request url looked something like this:

https://www.instagram.com/oauth/authorize?client_id=SOME_CLIENT_ID&response_type=code&redirect_uri=http://example.com/auth/InstagramRedirect/&state=855C0114-F860-420A-AEB1-A276644FCCEA

Notice the & and state=...

Upvotes: 8

nachoab
nachoab

Reputation: 1988

You have to provide the redirect_uri with your extra search params as the last parameter:

https://www.instagram.com/oauth/authorize/?client_id=be1b911b487f4919b9c2fb7df0c4142c&type=web_server&response_type=code&scope=basic&redirect_uri=https://wpwifidemo.alepo.net/instagram/joinus/?inviteId=00001000-cf33-11e4-9f26-8789dd0b3e01

User will be redirected to:

https://wpwifidemo.alepo.net/instagram/joinus/?inviteId=00001000-cf33-11e4-9f26-8789dd0b3e01&code=CODE

Upvotes: 1

user358352
user358352

Reputation:

It might be too late reply for this question. But i faced the same issue today & got this question already posted and solution for passing parameters to authentication URL is as follows.

It seems that your extra parameter is type=web_server , taking that into consideration, your URL for getting for code should be as follows

https://www.instagram.com/oauth/authorize/?client_id=be1b911b487f4919b9c2fb7df0c4142c&redirect_uri=https://wpwifidemo.alepo.net/instagram/joinus/?type=web_server&response_type=code&scope=basic

And then while calling the accessToken API append your redirect_uri parameter with your passed parameter (not the same configured in the app). e.g.

redirect_uri=http%3A%2F%2Fexample.com%2Fpublisher%2Fauth%3FinviteId%3D00001000-cf33-11e4-9f26-8789dd0b3e01?type=web_server

Upvotes: 0

Related Questions