Authentication

Apps connect to Instagram Analytics Minter.io using OAuth 2.0, the standard used by most APIs for authenticating and authorizing users. The following walkthrough will show you how to authenticate a user.

1. Initial Setup

Before you can start using OAuth 2.0 with your application, you’ll need to tell Minter.io a bit of information about your application

  • Create your application here.
  • Set your Name, Description and Redirect URI
  • Make a note of both your client_id and client_secret.

2. The First Leg

Direct your user to https://minter.io/oauth/authorize through a GET request with the following parameters:

response_type
required
Whether the endpoint returns an authorization code. For web applications, a value of code should be used.
client_id
required
The client_id you obtained in the Initial Setup.
redirect_uri
required
An URL where the response will be redirected. Must be registered with Minter.io in the application console.

A sample GET request could therefore look like:

https://minter.io/oauth/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}

3. The User Experience

At this point, you’ve forwarded the user to Minter.io’s authorization page:

After clicking either Authorize or Cancel, you’ll receive a response from Minter.io, as outlined in the next section.

4. Handling the Response

If the user clicked Authorize in the previous screen, Minter.io will redirect to the URI you specified earlier with a code parameter. For example, if your redirect URI was http://localhost/, Minter.io would redirect to:

http://localhost/?code=123456

However, if the user clicked Cancel, you will receive a request with an error parameter, such as:

http://localhost/?error=access_denied

5. Getting the Access Token

Once your application has completed the above section and gotten an authorization code, it’ll now need to exchange the authorization code for an access token from Minter.io.

To get the access_token, you’ll need to make a POST request to https://minter.io/oauth/token with the following parameters:

grant_type
required
Must be authorization_code
code
required
The authorization code you retrieved previously
client_id
required
client_id gotten from Minter.io in Initial Setup
client_secret
required
client_secret gotten from Minter.io in Initial Setup
redirect_uri
required
redirect_uri gotten from Minter.io in Initial Setup

📘

Request

The requests must be over HTTPS and the parameters must be URL encoded.

An example request in cURL looks like:

curl https://minter.io/oauth/token \
    -d 'grant_type=authorization_code&code={CODE}&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&redirect_uri={REDIRECT_URI}' \
    -X POST

If everything goes right and the request is successful, you’ll receive a 200 response containing a JSON body like this:

{"access_token": "<ACCESS_TOKEN>", "token_type": "Bearer", "refresh_token": "<REFRESH_TOKEN>", "scope": "basic"}

However, if the response is not successful, you’ll receive an error response, such as this:

{"error": "access_denied"}

👍

Success!

Now, you can use your Access Token.