I need some help with my app, I need to make a Tinder-like instagram integration feature, my app has a search engine like google maps but is created to find Senior Care Homes so a user has a profile and has his facilities associated, so I need that the user associate an instagram account for each facility he has in his profile, but i don't know how to handle this because every token that comes in the facebook login response expires in 60 days, so if I store that token in DB to every time another user visits a facility detail it will request FB API trying to get instagram photos but what if token has expired?, so if someone can help me with this I would really appreciate. Thanks.
I haven't tried anything because i don't really know what is the best way to do this.
Related
I'm trying to display a gallery of images on a website for a client. Those images should be fetched from their Instagram account automatically. Simple, right? Well, it used to be...
I can't use the Instagram API, because it's being deprecated: https://www.instagram.com/developer/
So instead, I'm trying to use the Instagram Graph API to get the latest images for the account: https://developers.facebook.com/docs/instagram-api/reference/user/media#get-media
Skip to the bottom for the short version, or keep reading for the long version.
Long Story
Trouble is, I'm having a very hard time understanding how to even get the credentials to interact with this API. As best I can tell, I need to create four separate things first:
An Instagram Business Account (done)
A Facebook User (done)
A Facebook Page (done)
A Facebook App (done...ish)
I'm not even sure if I need to create all of those things (especially the app), but that's where I'm at now. And I'm trying to figure out what permissions I need based on this page: https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
I'd think I need an "app access token", and from what I understand I can instead use the app ID and app secret combined in place of the app access token, and that actually seemed to sort of work.
I then tried to get the Instagram ID I need based on the linked Facebook page, which I did with this call (with the real Facebook account ID and the proper token): https://graph.facebook.com/some-facebook-account-id-here?fields=instagram_business_account&access_token=something-here|and-here
The response to that call was:
{
"error": {
"message": "(#10) To use 'Page Public Content Access', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Page Public Content Access' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.",
"type": "OAuthException",
"code": 10,
"fbtrace_id": "[redacted]"
}
}
And then I went down a rabbit hole of trying to submit the "feature" for review, but that ended with me running into a catch 22 where it was asking me to have a live working demo of the thing I'm asking for access to. I don't understand how I can have a live working demo when I don't even have access to it yet.
Long Story Short
Long story short, this seems obscenely complicated for something that should be very simple. Maybe I'm just doing this wrong?
What would you do if you were in my shoes in order to gain access to the
Instagram Graph API so that you can fetch a few images from a specific Instagram account to display on a website?
Now if you want to access Instagram post you have two options
To use Instagram Graph API For Business Account
To use Instagram Platform API For non-business account
Assuming you have business account
Here is link to get started
Note:-
None business account Instagram supports only basic permission
Starting 10/1/2017, all permissions other than the basic permission
will be unavailable to submit for or obtain.
This is what they have to say about Instagram api for non-business accounts
Even on Facebook developers plateform they say
The Instagram Graph API allows you to programmatically access
Instagram Business Accounts
Here is SO thread that discusses about it,
So, in short, it's very hard to use APIs for Non-Business accounts
We have an app which could login via Facebook or Instagram. And we will pull some basic information of the user's from the site if you do so. We want to update all those basic informations at a certain period of time by the backend. It's not necessary for us to update informations while the user is using the app. I think update the basic information is just a test. The company might want to give some useful recommendations to the client for some commercial reasons. Any way, I checked that Facebook access token will live for 60 days,Instagram access token will not expire for now. May I refresh access token at backend without user involved?
There is no way to refresh the User Token automatically (on the server), it needs user interaction. Else, it would be pointless to implement a 60 days limit.
I have a web application that I would like to add single sign on capability using user's Facebook or Google+/Google App account.
I have a USERS table that stores users login information. All users are required to have a record in this table no matter if they signed up using FB or Google+.
I am trying to figure out the information that I need to store in the database in order to link USERS table records to FB or Google information.
Facebook documentation states:
the app should store the token in a database along with the user_id
to identify it.
So should I create a table called SSO_LOOKUP with following columns:
USER_ID // user's id that links to my USER table
PROVIDER_ID // user's FB or Google account id
PROVIDER_TYPE // indicates if it is Google, FB, Twitter, etc.
ACCESS_TOKEN
For SSO login definitely you need to have your user_id and some basic details which allow you to connect to FB or google
provider: "it will be either FB or Google or anything in future"
token: "This token we receive from FB and Google. In case of FB it
expires after 3 months or so where as it does not expire for google
as per my knowledge"
token_expired:" As In FB token expires after a time so you can have
this flag in place if you need to refresh it after that duration"
user_id: "This is your User id:
uniqueid: "This is the Unique ID which you will get from FB and Google.
That helps to identify your user in FB/Google"
These are the minimum fields you can add and these will even help you to scale your app. In the sense if you want to pull or push data from google and FB at that time Access_token and unique_id will help you.
Also incase you want to see some publish source then you can see some of the code on github e.g.
django-social-auth
For some details you can refer google documentation and Google OAuth2
Hope this will help.
Technically speaking all you really need to store is the Refresh Token and some kind of flag type identifier that tells you if its a Facebook or Google Refresh Token. Then you can query the API for what ever information you need. Storing the User Id would be a good idea becouse if they logout then reauth you will still know who it is even though the refresh token has changed. anything else is kind of over kill really as you will be getting that information back from the API anyway when you make your calls.
You could if you want store there Name and most recent picture that might be nice to display before you have fetched there information. Then update any changes to your data after you access the API for the first time. But its basically up to you how you want to design things, and what kind of application we are talking about here.
So I was going through Instagram's API and I implemented it. However it isn't as useful as I thought it would be because when trying to get and OAuth2 token a user is taken to a page to authorize them in what looks to be and effort of insuring that the user realizes that they are about to view and share Instagram content with my application. This all makes sense to me although not ideal. You can find it in detail here(Step One: Direct your user to our authorization URL).
Then I saw this press release from a company called Celtra who says they can pull the the most recent images off any Instagram feed and put them in an Ad. I checked it out and somehow they are pulling the images of other companies without this authorization page I am encountering. Basically without page scrapping I don't know how to do this with Instagrams API, and I realize scraping violates Instagrams terms of service. Does anyone have this functionality, where I can pull down images from Instagram and not take a user to an authentication page working legally as I am assuming Celtra is doing? Guidance or documentation on how to achieve this would be ideal.
Instagram recently added an endpoint that will allow you to any instagram account's photos without oauth or needing access_token, you can specify client_id and make API call to get photos.
Just register for an app account at here and add the client_id to this endpoint and make call:
https://api.instagram.com/v1/users/3/media/recent/?client_id=YOUR-CLIENT_ID
You only need access_token to get users' likes, follower feed and to like/comment/follow.
update: you need to have access_token with the new API changes, cannot
access API with just client_id anymore
To do this simply, you could authenticate your app from a dummy profile or your own personal profile and then use the access_token to request the feeds of any account. Then, when an end user goes to use your product, instead of authenticating them, you can just pull content from the Instagram API using your access_token.
I need to make POSTs to facebook page timeline (not auto posts, but when a user on an enterprise application submits a form). Note that a user should bot be logged in on facebook!
I've searched a lot and seems i should use graph api to do this... but, it's possible to achieve this without creating a facebook app?
I don't wish any user have this app... i just need to make POSTs to a facebook page that i own. So, it's not a public app.
I've made some tests with graph api explorer, after creating an app, and i'm trying to POST and always get error "An active access token must be used to query information about the current user.".
So, i'm using the correct access token (app access token in this case)... how can i test this? I should have my app submitted to be reviewed already? I just want to make some tests, to see if this actually works as i need to... don't wish to publish app now.
Could someone point me to the right direction?
Thanks!
An App Token is the wrong Token to post to a Page. You would need to use a Page Token for that. At least if you want to post "as Page". If you want to post "as User", you have to use a User Token. Everything you need to know is in the docs: https://developers.facebook.com/docs/graph-api/reference/v2.5/page/feed#Creating
More information about Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/