12

Is there a way for the instagram auth(login) to always ask for authentication? This is skipped when the user is logged in and has already authorized the app.

It would be something like twitter's use_authorize=true or google's approval_prompt=force.

index
  • 3,697
  • 7
  • 36
  • 55
  • Did you find how to force it ? – Plumillon Forge Oct 13 '14 at 15:04
  • @PlumillonForge No as well. Have you? I just left it like that for now... – index Nov 20 '14 at 06:19
  • I have actually done it ! For Android answer : http://stackoverflow.com/questions/26378345/switch-user-or-re-authenticate-with-instagram But you can adapt this to whatever you want, the point is to delete the Instagram cookie sessionid from your browser – Plumillon Forge Nov 20 '14 at 11:01

3 Answers3

4

I believe that the most simple way is to use next url:

https://instagram.com/accounts/logoutin/?force_classic_login=&next=URLENCODED_INSTAGRAM_OAUTH_URI_PATH_WITH_YOUR_DATA

For example:

window.location.assign('https://instagram.com/accounts/logoutin/?force_classic_login=&next=' + encodeURIComponent('/oauth/authorize/?response_type=code&scope=public_content+follower_list+comments&client_id='+ YOUR_IG_CLIENT_ID + '&redirect_uri='+encodeURIComponent(YOUR_REDIRECT_URI)));

Please take a note that your redirect uri should be encoded twice

listar
  • 160
  • 1
  • 11
  • What was the URL you're using? I feel like that has something to do with it, as I'm guessing instagram is going to sanitize the "next" parameter – mpowered Aug 31 '16 at 17:53
  • something like this: https://instagram.com/accounts/logoutin/?force_classic_login=&next=%2Foauth%2Fauthorize%2F%3Fresponse_type%3Dcode%26scope%3Dpublic_content%2Bfollower_list%2Bcomments%26client_id%3D00000000000000000000000000000000%26redirect_uri%3Dhttps%253A%252F%252Fexample.com%252Fa%252Fa%253Ft%253Dig%2526u%253D0%2526g%253D0 (domain and client id are not real here) – listar Sep 01 '16 at 02:30
  • 1
    Hmm... that's weird. That's what I'm using, but it's not forcing the login. Thanks for the responses :-) – mpowered Sep 01 '16 at 16:56
  • Yeah, this works and is the right answer IMO. The `next` parameter needs to be a relative URL within the Instagram web app so `/oauth/authorize...` is fine, but `https://mywebapp/auth` won't work. – Tim Fletcher Nov 22 '17 at 16:48
1

I managed to get it working:

I try loading an image with the url of the instagram logout page before opening the authorize popup.
Something like this (coffeescript):

windowOpen = ->
    window.open("/instagram/authorize?...")

if forceLogin
    tryLogout().always ->
        windowOpen()

And the tryLogout function (setTimeout 10seconds as a fallback)

tryLogout: ->
    deferred = $.Deferred()
    logOutImg = new Image()

    logOutImg.onerror = ->
        deferred.resolve()
    logOutImg.onload = ->
        deferred.resolve()

    logOutImg.src = 'https://instagram.com/accounts/logout/'

    setTimeout(->
        deferred.reject()
    , 10000)

    return deferred.promise()
nicolast
  • 787
  • 7
  • 20
  • 1
    This is not... a "reasonable" solution. You don't want to log people out of their instagram accounts, just reconfirm that they want to associate a service with that particular instagram account. – mpowered Sep 01 '16 at 16:58
  • @mpowered then i didn't understand the question – nicolast Sep 17 '16 at 16:43
-1

Here is the solution : you have to delete the Instagram cookie named sessionid from your browser so Instagram doesn't recognize you anymore

Solution for Android is here : https://stackoverflow.com/a/26847187/328845

Community
  • 1
  • 1
Plumillon Forge
  • 1,659
  • 1
  • 16
  • 31