Open in app

Sign in

Write

Sign in

Login & Session

InstaAuthAPI

Instagram Login and Session management library for android developers.

Gayan Lakshitha
4 min readAug 13, 2019

In most enterprise mobile applications, the primary user authentication method is that registering the user by providing app specific information and login by providing the same valid information. Currently this method effects to the UX (User Experience) badly because it’s really time consuming. But social media gives us a good solution for this problem. With this solution there is no need to create an extra account for the application, using existing social media account we’re able to authenticate user for the application.

Instagram is a one of popular social media network but currently there is no SDK published to perform login and manage sessions for android applications. In this article I’m going to introduce a simple 3rd party library to perform above use cases for android app developments.

V1.0.1 — Initial Launch

Target Scope

  1. Simpler User Authentication
  2. Session Management

Simpler User Authentication is similar as Facebook authentication process. It provides a dialog box to fill out client’s Instagram username and password and redirect to the given web address after a successful login. But this is the normal path of the library. On the other side, the library provides better ways to handle app use cases also. As an example, there can be an application which handle only the authentication part and no need to redirect to a custom page after authentication. This scenario can be handle by the library easily.

Once a user has authenticated successfully, the library maintain the relevant session automatically. That means, the developer is able to Manage current authenticated user from anywhere of the application. More than that, the library provides better error handling UI for the application. When the network errors and run-time http service errors have occured the library will handle them by proper UI by it self.

Http Error Dialog

Setup

1.Project Gradle

Add the code segment given below to the build.gradle(Project) file.

InstaAuth build.gradle(Project)

2.App Gradle

Add the code segment given below to the build.gradle(App) file.

InstaAuthAPI build.gradle(App)

3.Permission

Add INTERNET permission to the Android Manifest file.

Manifest Permission

Prepare a sandbox User

It’s time to create an Instagram sandbox user for testing purposes. Please use the URL given below to navigate to the Instagram Developer Console.

https://www.instagram.com/developer/clients/register/

After the registration process you will be able to have the client_id and the redirect_url for the sandbox user.

Time to Code

Initialize InstaAuthAPI client

In your activity, create a new InstaAuthAPI client by providing the client_id (Mandatory) and the redirect_url (Optional)

InstaAuthAPI Client

In the builder, you will see there is a method called setRedirectOnSuccess(true) by giving true for the value, once the user has authenticated successfully, the app will redirect to the given redirect URL automatically or when you set it as false and then the user has authenticated successfully, the dialog will dismiss automatically. In some cases we really do not want to redirect the user to another page. Now it's time to use the initiated client.

InstaAuthAPI Login Request

InstaAuthAPI client has a public method called login() By invoking this method you will able to have the profile data of the authenticated user using InstagramSessionHandler() interface and the session will be handled automatically. Once you are done the authentication part, now you will be able to handle the Instagram session from anytime anywhere. Here is a code sample which show you to fetch the user data from InstaAuthAPI session using interfaces.

InstaAuthAPI Default Client

In this code segment we will not initiate an another InstaAuthAPI client but we need to provide the activity context as a parameter.

Is session available

What if you need to check whether the Instagram session is still available in the application. Use the below code segment

LogOut

To perform Instagram logOut action just use the code segment given below. The sessions will be destroyed automatically.

InstaAuthAPI Logout

Disable Client-Side (Implicit) Authentication

(From Instagram Developer Documentation)

The Implicit OAuth Grant flow was created for java-script or mobile clients. Many developers use this flow because of its convenience. Unfortunately, malicious developers can also use this flow to trick people into authorizing your OAuth Client. They can collect access tokens and then make API calls on behalf of your app. When this occurs, your OAuth Client could be banned from the platform by our spam detection systems.

If your app is powered by a server infrastructure, you can disable the Client-Side (Implicit) OAuth flow by checking the Disable implicit OAuth setting in your OAuth Client configuration. If checked, Instagram will reject Client-Side (Implicit) authorization requests and only grant Server-Side (Explicit) authorization requests. This setting helps protect your app because the Server-Side (Explicit) OAuth flow requires the use of your Client Secret, which should be unknown to malicious developers.

Happy Coding!!! :)

Oauth
Instagram
Android
Authentication
Libraries

--

--

Gayan Lakshitha

Written by Gayan Lakshitha

35 Followers

https://gligerglg.github.io/

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams