When to Create a Custom OAuth App

CData embeds OAuth Application Credentials with CData branding that can be used when connecting via a desktop application or headless application. Web applications require a custom OAuth application. You may choose to use your own OAuth Application Credentials when you want to

• control branding of the Authentication Dialog
• control the redirect URI that the application redirects the user to after the user authenticates
• customize the permissions that you are requesting from the user

Allow Access to Instagram Data

To allow users to connect through the provider, complete the tasks below:

1. Connect a Facebook Page to an Instagram account.
2. Create and register the provider as an app with Instagram.
3. Submit your app for Facebook's review.

Connect a Facebook Page to an Instagram Account

To access Instagram data, users need a role on a page that is associated with an Instagram account. Any user with a role on the page has access.

To connect a page and an Instagram account, log into Facebook and from your Page's settings, click Instagram, and log into your Instagram account. If your account is not an Instagram Business Account, follow the prompts to set up a business profile.

Create and Register the App

Register an app to obtain the values for the OAuthClientId and OAuthClientSecret properties. The OAuth client credentials authenticate the provider to Facebook.

1. Log into Facebook and navigate to https://developers.facebook.com/apps.
2. Select Create App and provide a name on the App Details page.
3. On the Use Cases page, select Manage messaging and content on Instagram. Note that you may need to change the filter to All for this option to appear.
4. Optionally, on the Business page, select a business to connect to the app.
5. Once the app has been created, go to the Use Cases page and select Customize next to Manage messaging and content on Instagram. On the Permissions and features page, add the following permissions:
   • instagram_basic
   • instagram_manage_comments
   • instagram_manage_insights

   On the API setup with Facebook login page, add the required permissions.

   See the Data Model section for detailed information about the scopes required for specific tables.

6. Go to the Facebook Login for Business dropdown and select the Settings page. Add a redirect URI under Valid OAuth Redirect URIs and then save the changes. Note that the CallbackURL in your connection string must match the value set here.
   • If you are building a desktop application, set the redirect URI to https://localhost:33333/ or a similar https url.
   • If you are building a web application, set the redirect URI you want to be used as the callback URL that users return to with the token that verifies that they have granted your app access.
7. Go to the App Settings dropdown and select the Basic page. The OAuthClientId is the App Id displayed. The OAuthClientSecret is the App Secret.
8. Go to the Publish page and publish the app. Note that before you are allowed to publish, you may be required to test certain scopes, link a privacy policy page (not used for authentication), and undergo app review in some cases.

Authenticate to Instagram

Desktop Applications

After setting the following connection properties, you are ready to connect:

• OAuthClientId: Set this to the App Id for your OAuth app.
• OAuthClientSecret: Set this to the App Secret for your OAuth app.
• InitiateOAuth: Set this to GETANDREFRESH. You can use InitiateOAuth to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
• BusinessAccountId: If you have more than one Facebook page connected with an Instagram account, set the BusinessAccountId connection property to specify the Id of a business account you have associated with a Facebook page.

  You can get a business account Id by querying the Page view.

When you connect, the provider opens the OAuth endpoint in your default browser. Log in and grant permissions to the application. The provider then completes the OAuth process:

1. Extracts the access token from the callback URL and authenticates requests.
2. Obtains a new access token when the old one expires.
3. Saves OAuth values in OAuthSettingsLocation. These values persist across connections.

Web Applications

Follow the steps below to use the provider to get the OAuth token values and connect from a web application. Get an Access Token

Set the following connection properties to obtain the OAuthAccessToken:

• OAuthClientId: Set this to the App Id in your app settings.
• OAuthClientSecret: Set this to the App Secret in your app settings.

Then follow these steps to complete the OAuth exchange:

1. Call the GetOAuthAuthorizationURL stored procedure. Set the AuthMode input to WEB and set the CallbackURL input to the OAuth redirect URI you specified in your app settings. The stored procedure returns the URL to the OAuth endpoint.
2. Log in and authorize the application. You are redirected back to the callback URL.

   The callback URL contains the verifier code in a query string parameter. Extract the verifier code from the callback URL.

3. Set the following parameters and call GetOAuthAccessToken:

   Name	Value
   AuthMode	WEB
   Verifier	Set this to the verifier code.
   CallbackURL	Set this to the callback URL in your app settings.

Connect to Data To make requests to Instagram, set the OAuthAccessToken property. The OAuthAccessToken has a limited lifetime. When the token expires, you need to call the preceding stored procedures to reauthenticate.

Connect to Multiple Pages

If you have more than one Facebook page connected with an Instagram business account, set BusinessAccountId in addition to OAuthAccessToken. The BusinessAccountId property specifies the Id of a business account you have associated with a Facebook page.

You can get a business account Id by querying the Page View.