I've cloned https://github.com/ananay/passport-apple-example and replaced the config with this:
clientID: "com.myname.web",
teamID: "myteamid",
callbackURL: "https://myurldev.com/auth/apple/redirect",
keyID: "mykeyid",
privateKeyLocation: path.join(__dirname, "../apple-key.p8")
I've also added SSL certificate on my machine and starting the server with https, all works fine & is recognized by my browser. I'm also starting the app on port 443 and proxying using my hosts file myurl.dev.com -> 127.0.0.1.
I have the same auth setup for facebook, google & microsoft and everything works fine.
I have:
Created a new APP identifier and enabled Sign in with Apple for it, named it: com.myname.dev
Created a new SERVICE identifier and enabled Sign in with apple, called it: com.myname.web
Added "https://myurldev.com/auth/apple/redirect" to the "Reply URLS" on the service identifier com.myname.web
Set my app identifier com.myname.dev as the main app identifier my service to be grouped with.
Created a private key and enabled sign in with apple, interface confirmed the presence of grouped ID com.myname.web bundled with com.myname.dev for which the key was created.
I have confirmed using console.log that the private key is indeed at the path being passed as parameter.
converted the .p8 file to base64 & then back to UTF-8 in an attempt to use the string for privateKeyString
successfully implemented Apple Oauth several times in the past using passport-apple
This time around, for some reason, auth simply doesn't work.
If I set the clientID as the APP identifier, not the service, I'm getting
invalid_request
Invalid web redirect url.
instead of invalid_client
Any advice on debugging this is highly appreciated. Thank you.
EDIT #1:
I have dug a bit deeper into the passport-apple package to figure out if anything goes against apple's docs around token generation, but the flow never reaches that part, indicating things go wrong on the actual configuration in Apple's console & what I'm trying to use for my project.
EDIT #2
2 of the app Ids I have created always throw "wrong redirect uri" because they're not service IDs so I can't configure redirect_uri, this will change if to "required" if I pass undefined as a redirect_uri.
One of the app ids throws only invalid client_id instead, regardless if I pass undefined or good value for redirect_uri.
EDIT #3
Went full vanilla through the OAuth code flow process and just created a url & redirected the user it, failing with this method is consistent with what is happening when using the passport-apple module.
const url = new URL("https://appleid.apple.com/auth/authorize");
url.searchParams.append("state", "fdbd287b1f");
url.searchParams.append("response_type", "code");
url.searchParams.append("scope", "name email");
url.searchParams.append("response_mode", "form_post");
url.searchParams.append(
"redirect_uri",
"https://raiseitupdev.com/auth/apple/redirect",
);
url.searchParams.append("client_id", "com.myname.web");
return res.redirect(url.toString());
[Creator of the library here.]
Did it stop working in development too? I feel this is a configuration error because the actual thing is working live on my website:
https://passport-apple.ananay.dev
Please follow up on this Github issue. Thanks!
https://github.com/ananay/passport-apple/issues/23
I have been reading the documentation at https://docs.truevault.com/ but I am a little confused. I read this on the true vault site:
If you plan on using any of the server-side libraries, please ensure
any hosting environment you use is HIPAA compliant.
I took this to mean that TrueValut could support a standalone (client side only) mobile application architecture. Where the TrueVault API was the only server side interaction.
However my understanding of the documentation is that:
An API_KEY is required to register a new user.
Any API_KEY provides full access to all data vaults and JSON documents stored in TrueVault.
If both of these assumptions are correct that would mean it would be impossible to register new users directly from the client side app, forcing me to use a costly and resource intensive HIPPA compliment web server. The only way to get around this would be top hard code the API_KEY into the app, an obvious no go if that API_KEY can access all of my TrueVault data.
For my use case I have the following requirements for TrueVault for me to be able to consider using it (I would imagine these requirements are the same for anyone looking to develop a client side only healthcare application):
A user can sign up via the API directly from my client side app without requiring any sensitive keys or root auth data.
A user can authenticate using only the data they provided to sign up (username/email/password). My app is multi platform I cant ask them to remember their API keys to log in.
A user can Read/Write/Update/Delete data linked to their profile. They can not access any data from another user using their credentials.
Is TrueVault able to deliver these three basic requirements?
If the answer to this is "No" I would recommend you update this text on your website as there are not going to me any viable HIPPA compliment applications that can be supported by TrueVault without an independent server side interface.
I'm currently using AWS Lambda as a solution. Lambda is HIPPA compliant, more info here. Lambda is also a low cost solution.
Here is an example of the code I'm running on Lambda using Node.js.
var request = require('request-promise');
var _ = require('lodash');
function encodeBase64(str) {
return (new Buffer(str)).toString('base64');
}
var baseUrl = 'https://api.truevault.com/v1/';
var headers = {
'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'
};
var req = request.defaults({
baseUrl: baseUrl,
headers: _.extend({
Authorization: 'Basic ' + encodeBase64('your api key:')
}, headers),
transform: function(body) {
return JSON.parse(body);
}
});
exports.handler = function(event, context) {
req.post('users', {
form: {
username: event.email,
password: event.password,
attributes: encodeBase64(JSON.stringify({
name: event.name
}))
}
}).then(function() {
context.succeed({user: user});
}).catch(context.fail);
}
In general, you are correct - if you include zero server-side processing between user and TrueVault, then the API keys will be public. At least, I don't know of any way to avoid this.
That being said, it is incorrect to jump to "any API_KEY provides full access to all data vaults and JSON documents stored in TrueVault." - that's not the case if setup properly.
TrueVault API keys are able to be narrowed in scope quite a lot. Limiting a key to only Write permission on {Vault#1}, a second key to only Read permission on {Vault#2}, a third key to allow uploading Blogs in {Vault#1}, quite a few variations, a forth for deleting information from {Vault#2}, and on as needed. You can also limit permissions specifically to content "owned" by the API key (e.g. user-specific keys) Full documentation here.
There are also limited scope keys (set expiry time, usage count, limit to any of the prior permission scopes). Docs here.
TrueVault also offers user logins separate from API keys which may be better suited if your user are using login credentials. Docs here.
I'm still rather figuring out TrueVault myself (at time of writing at least) so be sure to research and review more for your needs. I'm still torn if the limited scoping is "good enough" for my needs - I'm leaning towards using AWS Lambda (or similar) to be a HIPAA compliant middle man, if only to better hide my access token generation and hide that my data is going to TrueVault and add some "serverless-server-side" data validation of sorts.
I'm in the process of embedding my image feed in my website using JSON, the URL needs my user id so I can retrieve this feed.
So, where can I find/get my user id?
Update in Jun-5-2022, Instagram API no longer use Bearer Token for authentication. But I find another useful API. All you need is added extra header X-IG-App-ID with "magic value".
https://i.instagram.com/api/v1/users/web_profile_info/?username=therock
Use can use my docker container Insta-Proxy-Server to bypass the authentication.
https://hub.docker.com/repository/docker/dockerer123456/insta-proxy-server
Demo video (I just run directly from source code): https://www.youtube.com/watch?v=frHC1jOfK1k
Update in Mar-19-2022, the API is require login now. Sorry for the bad news.
But we can solve this problem in two ways.
Using my C# lib, login using your account (without any Instagram app token stuff and graph api.)
In case the lib failed (I'm no longer maintain it long time ago), create a proxy server with logged in instagram account.
[Your app] --> [Proxy server] --> [Instagram] --> [Proxy server] -(forward)-> [Your app]
For Proxy server, you can use Nodejs app which install Chromium headless module (Puppeteer for example), logged in with an instagram account.
Proof of concept:
https://www.youtube.com/watch?v=ZlnNBpCXQM8
https://www.youtube.com/watch?v=eMb9us2hH3w
Update in June-20-2019, the API is public now. No authentication required.
Update in December-11-2018, I needed to confirm that this endpoint still work.
You need to login before sending request to this site because it's not public endpoint anymore.
Update in Apr-17-2018, it's look like this endpoint still working (but its not public endpoint anymore), you must send a request with extra information to that endpoint. (Press F12 to open developer toolbar, then click to Network Tab and trace the request.)
Update in Apr-12-2018, cameronjonesweb said that this endpoint doesn't work anymore. When he/she trying to access this endpoint, 403 status code return.
You can get user info when a request is made with the url below:
https://www.instagram.com/{username}/?__a=1
E.g:
This url will get all information about a user whose username is therock
https://www.instagram.com/therock/?__a=1
Enter this url in your browser with the users name you want to find and your access token
https://api.instagram.com/v1/users/search?q=[USERNAME]&access_token=[ACCESS TOKEN]
Working solution without access token as of October-14-2018:
Search for the username:
https://www.instagram.com/web/search/topsearch/?query=<username>
Example:
https://www.instagram.com/web/search/topsearch/?query=therock
This is a search query. Find the exact matched entry in the reply and get user ID from the entry.
Easily Get USER ID and User Details
https://api.instagram.com/v1/users/search?q=[ USER NAME ]&client_id=[ YOU APP Client ID ]
For Example:
https://api.instagram.com/v1/users/search?q=zeeshanakhter2009&client_id=enter_your_id
Result:
{"meta":{"code":200},"data":[{"username":"zeeshanakhter2009","bio":"http://about.me/zeeshanakhter","website":"http://zeeshanakhter.com","profile_picture":"http://images.ak.instagram.com/profiles/profile_202090411_75sq_1377878261.jpg","full_name":"Zeeshan
Akhter","id":"202090411"}]}
Most of the methods are obsolete since June, 1/2016 api changes
Below worked for me,
access instagram on your browser say chrome, safari or firefox.
Launch developer tools, go to console option.
on command prompt enter below command and hit enter:
window._sharedData.entry_data.ProfilePage[0].user.id
If you are lucky, you will get at first attempt, if not, be patient, refresh the page and try again. keep doing until you see user-id. Good luck!!
Instead of using the API, one can examine the Instagram userpage to get the id. Example code in PHP:
$html = file_get_contents("http://instagram.com/<username>");
$doc = new DOMDocument();
$doc->loadHTML($html);
$xpath = new DOMXPath($doc);
$js = $xpath->query('//body/script[#type="text/javascript"]')->item(1)->nodeValue;
$start = strpos($js, '{');
$end = strrpos($js, ';');
$json = substr($js, $start, $end - $start);
$data = json_decode($json, true);
$data = $data["entry_data"]["UserProfile"][0];
# The "userMedia" entry of $data now has the same structure as the "data" field
# in Instagram API responses to user endpoints queries
echo $data["user"]["id"];
Of course, this code has to be adapted if Instagram changes its page format.
Currently there is no direct Instagram API to get user id from user name. You need to call the GET /users/search API and then iterate the results and check if the username field value is equal to your username or not, then you grab the id.
I wrote this tool for retrieving Instagram IDs by username: Instagram User ID Lookup.
It utilizes the python-instagram library to access the API and includes a link to the source code (written on Django), which illustrates various implementations of the Instagram API.
Update: Added source code for port to Ruby on Rails.
I tried all the aforementioned solutions and none works. I guess Instagram has accelerated their changes. I tried, however, the browser console method and played around a bit and found this command that gave me the user ID.
window._sharedData.entry_data.ProfilePage[0].graphql.user.id
You just visit a profile's page and enter this command in the console. You might need to refresh the page for this to work though. (I had to post this as an answer, because of my low reputation)
You need to use Instagrams API to convert your username to id.
If I remember correctly you use users/search to find the username and get the id from there
Most of these answers are invalid after the 6/1/2016 Instagram API changes. The best solution now is here. Go to your feed on instagram.com, copy the link address for any of your pictures, and paste it into the textbox on that page. Worked like a charm.
to get your id, make an authenticated request to the Instagram API users/self/feed endpoint. the response will contain, among other data, the username as well as the id of the user.
Go to the api console & copy link https://api.instagram.com/v1/users/self in text field and authenticate using your instagram id & password, you will get your id in response
This can be done through apigee.com Instagram API access here on Instagram's developer site. After loging in, click on the "/users/search" API call. From there you can search any username and retrieve its id.
{
"data": [{
"username": "jack",
"first_name": "Jack",
"profile_picture": "http://distillery.s3.amazonaws.com/profiles/profile_66_75sq.jpg",
"id": "66",
"last_name": "Dorsey"
},
{
"username": "sammyjack",
"first_name": "Sammy",
"profile_picture": "http://distillery.s3.amazonaws.com/profiles/profile_29648_75sq_1294520029.jpg",
"id": "29648",
"last_name": "Jack"
},
{
"username": "jacktiddy",
"first_name": "Jack",
"profile_picture": "http://distillery.s3.amazonaws.com/profiles/profile_13096_75sq_1286441317.jpg",
"id": "13096",
"last_name": "Tiddy"
}]}
If you already have an access code, it can also be done like this:
https://api.instagram.com/v1/users/search?q=USERNAME&access_token=ACCESS_TOKEN
Well you can just call this link
http://jelled.com/ajax/instagram?do=username&username=[USER_NAME_GOES_HERE]&format=json
Although it's not listed on the API doc page anymore, I found a thread that mentions that you can use self in place of user-id for the users/{user-id} endpoint and it'll return the currently authenticated user's info.
So, users/self is the same as an explicit call to users/{some-user-id} and contains the user's id as part of the payload. Once you're authenticated, just make a call to users/self and the result will include the currently authenticated user's id, like so:
{
"data": {
"id": "1574083",
"username": "snoopdogg",
"full_name": "Snoop Dogg",
"profile_picture": "http://distillery.s3.amazonaws.com/profiles/profile_1574083_75sq_1295469061.jpg",
"bio": "This is my bio",
"website": "http://snoopdogg.com",
"counts": {
"media": 1320,
"follows": 420,
"followed_by": 3410
}
}
If you are using implicit Authentication must have the problem of not being able to find the user_id
I found a way for example:
Access Token = 1506417331.18b98f6.8a00c0d293624ded801d5c723a25d3ec
the User id is 1506417331
would you do a split single seperated by . obtenies to acces token and the first element
I think the best, simplest and securest method is to open your instagram profile in a browser, view source code and look for user variable (ctrl+f "user":{") inside main javascript code. The id number inside user variable should be your id.
This is the code how it looked in the moment of writing this answer (it can, and probably will be changed in future):
"user":{"username":"...","profile_picture":"...","id":"..........","full_name":"..."}},
Here is how you can retrieve your user id from a username:
$url = "https://api.instagram.com/v1/users/search?q=[username]&access_token=[your_token]";
$obj = json_decode(#file_get_contents($url));
echo $obj->data[0]->id;
You can do this by using Instagram API ( User Endpoints: /users/search )
how-to in php :
function Request($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
function GetUserID($username, $access_token) {
$url = "https://api.instagram.com/v1/users/search?q=" . $username . "&access_token=" . $access_token;
if($result = json_decode(Request($url), true)) {
return $result['data'][0]['id'];
}
}
// example:
echo GetUserID('rathienth', $access_token);
Here is a really easy website that works well for me:
http://www.instaid.co.uk/
Or you can do the following replacing 'username' with your Instagram username
https://www.instagram.com/username/?__a=1
Or you can login to your Instagram account and use google dev tools and look at the cookies that have been stored. 'ds_user_id' is your user ID
Working Solution December 14, 2020
For simple usage like 3rd party tools that require an Instagram user ID (like embedding an image feed) I tend to use:
https://www.thekeygram.com/find-instagram-user-id/
because it makes it really easy to copy and paste the Instagram user ID that I am looking for. Unlike most tools I get the results fast, it's free and there are no ads. I recommend you watch the youtube video before using it so you can see how simple it is and get an idea of how it's used:
https://www.youtube.com/watch?v=9HvOroY-YBw
For more advanced usage I recommend:
https://www.instagram.com/{username}/?__a=1
(replace username with the requested username)
For example to find the user ID of the username "instagram" you would use:
https://www.instagram.com/instagram/?__a=1
This is the most advanced way which returns a JSON response and it's great if you are building an app that requires the raw data. You can save it in a database or build some type of front end UI to display it. Example: for a dashboard or on a website. Also, using the url is great because you can get additional attributes about users such as their total follower count and profile bio.
Since adding ?__a=1 to a profile URL is not working anymore to get a user ID from a username, we can do it with cURL and jq (the new API endpoint can be found in the network requests of Instagram web version, for example with Firefox Developer Tools):
curl -s 'https://i.instagram.com/api/v1/users/web_profile_info/?username=alanarblanchard' -H 'X-IG-App-ID: 936619743392459' | jq -r .data.user.id
If you are using Instagram in a web browser, you don't need to use the command above and can check the response of the HTTP request directly.
You may also be interested in finding the username from a user ID, in case someone changes frequently the username. I added an answer here: Instagram get username from userId
https://api.instagram.com/v1/users/search?q="[USERNAME]"&access_token=[ACCESS TOKEN]
Please notice the quotation marks.
This does not always return a valid result but more often than non-quoted one:
https://api.instagram.com/v1/users/search?q="self"&count=1&access_token=[ACCESS TOKEN]
returns user "self" (id: 311176867)
https://api.instagram.com/v1/users/search?q=self&count=1&access_token=[ACCESS TOKEN]
returns user "super_selfie" (id: 1422944651)
Working solution ~2018
I've found that, providing you have an access token, you can perform the following request in your browser:
https://api.instagram.com/v1/users/self?access_token=[VALUE]
In fact, access token contain the User ID (the first segment of the token):
<user-id>.1677aaa.aaa042540a2345d29d11110545e2499
You can get an access token by using this tool provided by Pixel Union.
Python solution with Instaloader external library (install it first with pip)
import instaloader
YOUR_USERNAME = "Your username here"
USERNAME_OF_INTEREST = "Username of interest here"
L = instaloader.Instaloader()
L.interactive_login(YOUR_USERNAME)
profile = instaloader.Profile.from_username(L.context, USERNAME_OF_INTEREST)
print(profile.userid)
With this kind of questions about constantly changing private APIs, I recommend to rely on actively developing libraries, not on the services or answers.
First Create an Application on Instagram and get Client Id for your application
http://instagram.com/developer/
Now just copy paste following Url into browser window by replacing your Username and your Client Id
https://api.instagram.com/v1/users/search?q=[Your-username]&client_id=[Your-Client-Id]
you will get a Json Result containing General Information about your account along with your Numeric user Id
UPDATED 2021
Just go to Facebook Apps choose your app connected with Instagram and you will see your Instagram ID: ********
Note https://www.instagram.com/{username}/?__a=1 was NOT working for me, so this is not a solution in 2021 if you want to use the Instagram Graph API
As of june 2022, you can to run or intercept a special HTTP request in order to successfully get the user data (and user ID). If you use Puppeteer, you can intercept the request that Instagram makes in the browser, and read its response. Example code:
const username = 'user.account';
const page = await browser.newPage();
const [foundResponse] = await Promise.all([
page.waitForResponse((response) => {
const request = response.request();
return request.method() === 'GET' && new RegExp(`https:\\/\\/i\\.instagram\\.com\\/api\\/v1\\/users\\/web_profile_info\\/\\?username=${encodeURIComponent(username.toLowerCase())}`).test(request.url());
}),
page.goto(`https://instagram.com/${encodeURIComponent(username)}`),
]);
const json = JSON.parse(await foundResponse.text());
console.log(json.data.user);
See discussion here: https://github.com/mifi/SimpleInstaBot/issues/125#issuecomment-1145354294
See also working code here: https://github.com/mifi/instauto/blob/2de64d9a30dad16c89a8c45f792e10f137a8e6cb/src/index.js#L250