I am using the Instagram API and I'm having some small roadblocks. I already got my Access Token working on the Graph API but the user_id I'm feeding it seems to not be working, I'm retrieving the ID from Otzberg using the app-linked Instagram account's username, but I'm not sure it's the right one.
Here's the query:
https://graph.facebook.com/ig_hashtag_search?user_id={USER_ID}&q={HASHTAG}&access_token={ACCESS_TOKEN}
Any advice?
You had get legacy instagram user id from Otzberg. This user id had work with old instagram API. When you call your endpoint with this user id you should get message : Param user_id is not a valid Instagram User ID .
For use ig_hashtag_search you should get permission for Instagram Public Content Access
You should use IG User#id with this endpoint. You can search user id from business-discovery(GET /{ig-user-id}/business_discovery).
P.S. new ig-user-id - usually it 17+/- numbers.
On a browser on which you are authenticated on the good account go the page : https://graph.instagram.com/me?fields=id,username&access_token=YOUR_ACCESS_TOKEN
I am using instagram API in my client's app. This is a kind of a social networking app with profiles for each user. In this app, there is a section which displays instagram recent pictures of a person on their profile page. The issue is that I'm having to log the user in every time they go to view the profile in the instagram section. Can we have it so the user only has to login once and never again?
In other apps like Tinder, we login only once and then our profile is connected to instagram - even if you close the app. This means the app is either storing instagram credentials or the pictures. But latest documentation on instagram developer portal says don't store login credentials or pictures. How can I mimic this behaviour in our app?
For the login purpose, you can retrieve the access token for the particular use which you can store and for the every data retrieval request you can use that access token to get data without making user login again till the access token is valid
to get an access token you can follow the Instagram guide : Instagram: User Authentication
Which is like
Direct the user to our authorization URL. If the user is not logged
in, they will be asked to log in. The user will be asked if they
would like to grant your application access to her Instagram data.
Client Side login
For the images for another user,If you want the public feed of the user you can get directly if you already have the username of the Instagram user by making a get request without need of authentication/access token
https://www.instagram.com/{user-name of Instagram user for which you have to retrieve the media}/media/
Ex: https://www.instagram.com/instagram/media/ , this will return json with the public feed images
I'm studying how to develop an iOS app and I need to figure out how should I structure it.
Architecture:
I've an external database, a REST api (as interface between the database and the app), and the iOS app.
The question:
I'd like users to authenticate by a simple form or by a Facebook login button but in each case a table 'user' in the database has to be filled with default fields like name, surname, email, profile picture, password(?).
For the standard authentication there are no problem, but for Facebook authentication I'm quite confused about theory:
Should I use access token? How?
When a user get authenticated with Facebook I haven't his password, so how can I get his informations from the database? In the standard way I would give to the database username and password and it would return for example the id field.
Sorry for my english.
You can use the access token of current logged in user
[FBSDKAccessToken currentAccessToken]
and send it to your REST api. From there you can retrieve every information you need and save it to your database (except user's password of course). If a user sign in for first time in your app insert a new user in your database and save user's Facebook User ID.
The whole idea of using authenticate and authorization is not to have access to user's password of another app, but the user authorize (confirm) your app to have access in his/her account with specific permissions.
Here is a step-by-step answer of what you need:
Design for Facebook authentication in an iOS app that also accesses a secured web service
You need to save the currentAccessToken that the login request returns to you.
Then, using Facebook's Graph API, the userID that was returned in the login request, and the user access token, you can request a user object, which has the email address, assuming you added the email permission in the login request.
Also use the Graphi API to retrieve the user's photo using the userID that was returned in the login request:
50x50 pixels
<img src="//graph.facebook.com/{{fid}}/picture">
200 pixels width
<img src="//graph.facebook.com/{{fid}}/picture?type=large">
I can get user's friends list. But i`m intresting only in user's friends who authorize my app on my site.
How i can do it?
At the end of an authentication process (with OAuth I guess), Twitter gives you tokens for the application, the ID and the screen name (username) of the user who authorized the app.
So you can do something like this :
At the end of the authentication process : storing the user ID and/or the username of the user who authorized your application (in your database for example).
When you retrieve the user's friend list, you can see if user's friend authorized your app by watching if its ID (and/or its username, depending on what you kept) is in the storage where you keep informations about users who authorized your app.
I am new to OAuth and have been playing around with the Twitter API. I am able to fetch the credentials of a user after authentication by making a request to http://api.twitter.com/1/account/verify_credentials.xml. The response contains the user id, screen name etc. but not the email ID.
Is it possible at all to retrieve the email ID of the user?
Update
I believe Facebook provides this information if you specifically request for extended permissions. Is there something similar for Twitter?
The user's email address can not be retrieved via the API. This is a deliberate design decision by the API team.
UPDATE 2015.08.18:
It is possible to request an email address from users, but it requires your app to be whitelisted. See https://dev.twitter.com/rest/reference/get/account/verify_credentials for details of the API call and this form to request whitelisting of your app.
For OutsourceFactor, which is written in Python / Django, I get the username via oAuth1, then construct an email as "username#twitter.com" which is guaranteed to be unique throughout twitter. Then I hash it to get a nice UUID to be used and associated with my local user account. Same thing for Yahoo. Google and Facebook use oAuth2 and they give me the email address on request which is nice.
To ensure multiple social associations with a single account, I allow social account associations ONLY after the user has locally created an account and is logged in.
So, you have to create an account first (local account), then you can use any of the social oAuth providers to ease your future logins. This is the best bang for the buck for my site.
Anyways, you get some unique form of ID from twitter. So just use it. You can ask for an email address later or before the association.
Email address is obfuscated by Twitter in their OAuth responses. Which always have been a great issue for people wanting to include a "Register with Twitter" function.
More recently (early 2015), Twitter have added email address support through a second service call, but under certain, abused, conditions.
https://dev.twitter.com/rest/reference/get/account/verify_credentials
So now it is possible, but my opinion is to continue to implement an OAuth every-provider-but-twitter single sign on. They must be boycotted until they act normally, i mean like every single other OAuth provider.
In Android using Fabric, I request the user's email address like this:
TwitterAuthClient authClient = new TwitterAuthClient();
authClient.requestEmail(session, new Callback<String>() {
#Override
public void success(Result<String> result) {
// Do something with the result, which provides the email address
}
#Override
public void failure(TwitterException exception) {
// Do something on failure
}
});
See http://docs.fabric.io/android/twitter/request-user-email-address.html
In my case every time I get the response I got a unique authentication id for every user and its same for that user every time. So I used that id to create a email like unique_id#twitter.com and check if that's already on my site ( for first time it is not ) and then register the user. Then if he logins second time I just again create the email and check if its already on there. By this I don't have to make him create a local account first and can identify him to login.
Here is the example how to get twitter user email in Laravel, and on coditty.com you can find the full example using Angular+Laravel
// get token secret from db
$token = TwitterTokens::where('oauth_token', $request->input('oauth_token'))->first();
// open twitter connection
$connection = new \Abraham\TwitterOAuth\TwitterOAuth(
$this->twitter_consumer_key,
$this->twitter_secret,
$request->input('oauth_token'),
$token->oauth_token_secret// twitter secret from DB
);
// get acces token
$access_token = $connection->oauth("oauth/access_token", ["oauth_verifier" => $request->input('oauth_verifier')]);
// new TwitterOAuth instance to get email
$twitterOAuth = new \Abraham\TwitterOAuth\TwitterOAuth( $this->twitter_consumer_key, $this->twitter_secret, $access_token['oauth_token'], $access_token['oauth_token_secret'] );
// Let's get the user's info with email
$twitterUser = $twitterOAuth->get('account/verify_credentials', ['include_entities' => 'false','include_email'=>'true','skip_status'=>'true',]);
// output user object from twitter in your Log file
Log::info(['user'=>$twitterUser]);
Who said it's not possible ???
I have gotten in my iOS App after whitelisting the App.
Check my answer here.
Add this code!
$params = array('include_email' => 'true', 'include_entities' => 'false', 'skip_status' => 'true');
`$data = $connection->get('account/verify_credentials', $params); // get the data`
// getting twitter user profile details
$twt_id = $data->id; //twitter user id
$twt_email = $data->email; //twitter user email
Checkout full procedure here.
Who says you cant get users email, the “Request email addresses from users” checkbox is available under the app permissions on apps.twitter.com. Privacy Policy URL and Terms of Service URL fields must be completed in the app settings in order for email address access to function. If enabled, users will be informed via the oauth/authorize dialog that your app can access their email address.