Reputation: 13856
With instagrams new api changes, it appears that there is no way to get an access_token without having some sort of user interaction. All of the documentation that I have found has stated that there is a mandatory pass through of loggin in authorizing an app via a user interaction(https://www.instagram.com/developer/authentication/):
Server-side (Explicit) Flow
Step One: Direct your user to our authorization URL
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code Note: You may provide an optional scope parameter to request additional permissions outside of the “basic” permissions scope. Learn more about scope.
Note: You may provide an optional state parameter to carry through a server-specific state. For example, you can use this to protect against CSRF issues.
At this point, we present the user with a login screen and then a confirmation screen where to grant your app access to her Instagram data.
Client-Side (Implicit) Authentication
Step One: Direct your user to our authorization URL
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token At this point, we present the user with a login screen and then a confirmation screen where they grant your app’s access to their Instagram data. Note that unlike the explicit flow the response type here is “token”.
With an access_token that refreshes periodically, is it possible to to get the access token without user interaction?
I am trying to display my feed on my site but I haven't found a way besides the embed options they offer after the API changes.
EDIT: My question getting marked as a dupe of Instagram OAuth Access Token expiration for app but I am not looking at figuring out the expiration(that is not explicitly defined in the IG documentation). I want a purely programmatic way to get the the access_token.
Upvotes: 17
Views: 7674
Reputation: 106
I'm having this issue too. I'm assuming you want to write a script to run things for you.
One (rather lame) solution would be to use selenium, phantom JS, headless chrome, or any other similar tech to visit the login screen to fill in the account credentials (throw security out the window), before grabbing the code from the following redirect URL...
It's a shame that Instagram doesn't allow this type of non-user-required account option.
Upvotes: 1
Reputation: 106
Here in the Instagram developer docs, it states:
https://www.instagram.com/developer/authorization/
Content Display for Personal Website. If you are a developer and you want to showcase Instagram content on a website, then you do not need to submit your app for review. By using a client in sandbox mode, you will still be able to access the last 20 media of any sandbox user that grants you permission.
So if you already have a client set up with Instagram, you should be able to continue to grab your posts from the API as long as you're in "sandbox" mode. You'll only be able to grab posts for your own user account or any that have given your sandbox permission (limit of 10).
If you don't already have an access token, you can use something like Oauth.io. (It's free.)
Upvotes: 0
Reputation: 1366
You can store the access token in your server. As long as its valid, you don't need to ask your users to login.
Keep in mind that the access token has an expiry date. So you have to handle that case too[i.e, on expiry, ask the user to login again and fetch and save the new access token]
Upvotes: 0