Receiving "400 Bad Request" for /oauth/access_token

Question

I have approved for public_content clientId. To get access token, I send a request to www.instagram.com:

GET /oauth/authorize?client_id=MyClientId&redirect_uri=MyRedirectURL&response_type=code&scope=likes+comments+public_content HTTP/1.1`

After authentication, the browser redirects me to MyRedirectURL and I can get the code from the URL.

With this code I send a request to api.instagram.com:

/oauth/access_token HTTP/1.1

client_id=MyClientId&client_secret=MyClientSecret&grant_type=authorization_code&redirect_uri=MyRedirectURL&code=CodeFromURL`

But sometimes I get response HTTP/1.1 400 Bad Request. This situation continues for a few hours, and sometimes for a day. It is interesting that the problem is very unstable. I may have two client apps that make identical requests, and one app will work fine, while the other will fail at the same time. Looks like it is a problem somewhere in the Instagram infrastructure.

I also have two apps using the same API credentials, maybe it has something to do with that — shakked, Jun 17 '16 at 16:46
I have a similar issue: http://stackoverflow.com/questions/37898044/instagram-api-prevents-redirection-to-ios-app-upon-successful-login — JAHelia, Jun 18 '16 at 17:16
still having this issue today. Anyone found a resolution or had an official response from Instagram? I submitted a bug report via the dev console — football, Jun 21 '16 at 14:30
i am getting `{ "code": 400, "error_type": "OAuthException", "error_message": "You must provide a client_id" }` — Hiren patel, Jun 23 '16 at 12:28
Changing ContentType to x-www-form-urlencoded resolves this problem. — Stanislav Kychanov, Jul 22 '16 at 13:50

score 1 · Answer 1 · answered Jun 23 '16 at 19:01

1

Instagram is no longer supporting custom schemas for your callback urls. That was my problem, I changed it to https and the problem was solved.

answered Jun 23 '16 at 19:01

Will Jayne

19
2

Do you have a link to an official statement? – KABoissonneault Jun 23 '16 at 19:03
Not that I've seen, but there have been a lot of changes in their terms and other things recently. – Will Jayne Jun 23 '16 at 19:04
If you dont have any link to official statement then how can you be so sure ? – Hiren patel Jun 24 '16 at 04:23
so how do you redirect back to your application without a custom scheme? – Jeremy Moyers Jun 24 '16 at 22:13
how do we redirect back to our app then? – sudoExclaimationExclaimation Jun 26 '16 at 07:14
I use http/https in my case. – Stanislav Kychanov Jul 04 '16 at 11:17

score 0 · Answer 2 · answered Jun 30 '16 at 10:10

0

I think you should prefer this document of Instagram.

You may also receive responses with an HTTP response code of 400 (Bad Request) if we detect spammy behavior by a person using your app. These errors are unrelated to rate limiting.

answered Jun 30 '16 at 10:10

Quang Dam

305
3
15

Is there any way to recognize this situation? – Stanislav Kychanov Jul 05 '16 at 17:51
I am not sure, but you don't have any way to recognize it. – Quang Dam Jul 06 '16 at 06:45

score 0 · Answer 3 · answered Jun 30 '16 at 10:36

0

It seems like , we can not use http://localhost/... in call back url. Instagram may have restricted it.

It worked for me, when I have added live Ip of my aws server. for example http://xx.xx.xx.xx/.. instead of localhost.

answered Jun 30 '16 at 10:36

Hiren patel

971
8
25

Receiving "400 Bad Request" for /oauth/access_token

3 Answers3