Instagram guide

Learn how to implement a custom Instagram authentication flow inside your application using the postpress API.

Step 1: Authenticate to Instagram

Retrieving your Instagram credentials

To authenticate an Instagram account, the user provides their Instagram username and password. Authentication via Facebook credentials is not supported at the moment.

Authentication request

POST to the accounts endpoint with the user's credentials, or call the matching SDK method.

curl --request POST \
     --url https://api.postpress.ai/v1/accounts \
     --header 'X-API-KEY: ${POSTPRESS_API_KEY}' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '{
  "provider": "INSTAGRAM",
  "username": "your_username",
  "password": "********"
}'

Step 2: Handle the 2FA checkpoint

If the Instagram account has two-factor authentication enabled, the API returns a checkpoint with a 202 status. Example response:

{
  "object": "Checkpoint",
  "account_id": "098dez89d",
  "checkpoint": {
    "type": "2FA"
  }
}

At this point a new authentication intent starts. The intent lasts 5 minutes and every checkpoint must be solved inside that window.

Step 3: Solve the 2FA checkpoint

POST the 2FA code to the solve-checkpoint endpoint or call the SDK, passing the account_id returned by the first request.

curl --request POST \
     --url https://api.postpress.ai/v1/accounts/checkpoint \
     --header 'X-API-KEY: ${POSTPRESS_API_KEY}' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '{
  "provider": "INSTAGRAM",
  "account_id": "098dez89d",
  "code": "******"
}'

The response indicates whether the account is successfully connected.

Step 4: Handle intent timeout

If the user takes more than 5 minutes to solve the checkpoint, the account will not be connected. Any later request against that intent first returns a 408 Request Timeout, then a 400 Bad Request as the authentication intent self-destructs.