Get Instagram Access Token Using Client-Side Authentication


In this tutorial I will show you how to get Instagram access token using Client-Side Authentication (Implicit) for web apps. Instead of handling a code, we receive the access_token as a fragment (#) in the URL. This method is less secure, but allows applications without any server component to receive an access_token. The access token do not specify an expiration time but as per Instagram do not assume access_token is valid forever.

Create an Application:

Go to the following URL https://www.instagram.com/developer/clients/manage/ and click on Register a New Client button to create a new application. Fill the details and uncheck Disable implicit OAuth option to allow Client-Side (Implicit) Authentication.

Get Instagram Access Token Using Client-Side Authentication
Get Instagram Access Token Using Client-Side Authentication

Client-Side (Implicit) Authentication:

If you are building an app that does not have a server component, you can use two steps Implicit Authentication Flow.

Step One: redirect user to Instagram authorization URL

https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token

Replace CLIENT-ID and REDIRECT-URI with your app’s Client ID and one of the redirect_uri you mentioned in application creation. At this point, user will need to login and then confirm to grant access to your app’s to get their Instagram data.

Step Two: Receive the access_token via the URL fragment

Once the user authorized your application, Instagram redirects them to your redirect_uri with the access_token in the url fragment. It will look like this:

http://your-redirect-uri#access_token=ACCESS-TOKEN

Simply grab the access_token from the URL fragment. Hope this tutorial will help you to get Instagram Access Token Using Client-Side Authentication.