I want to 1) be able to receive updates about the activity in the comments on my instagram page and then 2) to be able to leave a reply.
I far as I understand the products, 1) can be made using Webhooks and 2) requires Instagram Graph API.
My app is intended to be used only by me. However, when I try to go through verification process, the form requires me to show how users can log into the app and so on. This does not apply to me.
The app is really simple: the comment is posted -> Webhook sends an update -> a reply is generated (this is out of the scope of this question) -> a reply is posted using Instagram Graph API from my page. You can see that the app does not have or require any additional UI.
The owner/developer of this chatbot is business, however it does not provide any servicies to other businesses. When applying for verification, I am only requesting 'instagram_manage_comments', however even there they ask me about the user log in (see the attached screenshot).
The account went through business verification already.
I was not able to find the information that is 100% relevant to my case.
The question is: what is the correct way to ask for the verification? Does Instagram support apps without additional UI and logging in? And basically what am I doing wrong?
Thanks in advance!
Related
I've scoured for any information regarding an Open API for Periscope.
I have a twitter feed, that should only show if Periscope is Live (the said user will share the broadcast via Twitter).
I can parse the word "IS LIVE" but then I'd have to parse multiple languages.
I'm looking to check an API if the user is Online in periscope, if so, then display the latest twitter feed (which is the broadcast).
There was this User Online button that could be generated
https://www.periscope.tv/embed
it calls an api like https://embed.periscope.tv/user/bpsdmik.json
but it seems that the certificate is invalid, so I keep getting errors ..
Any help / workarounds would be much appreciated!
I've Searched OPEN Periscope, but mostly requires an Authentication token etc.
There is no open API for Periscope. At least, not that I'm aware of. Which would explain your difficulty in finding anything. The closest thing would be the Unofficial Periscope API, documented by Pmmlabs (the same folks who run the OpenPeriscope project). However, as you've already discovered, most of the calls to the Periscope API, including all user-related calls, require an auth token.
Outside of using the API or screen scraping, the only other way I can think of to tell if a user is live or not is to try accessing their Periscope page directly. When you go to a user's Periscope page at https://www.pscp.tv/{userId}, Periscope will redirect you to that users most recent broadcast, where you can parse the broadcast id from the redirect URL. Once you have the broadcast id of the most recent broadcast, you can use the following API call (which does not require an auth token):
https://api.periscope.tv/api/v2/getAccessPublic?token={broadcastId}
... to determine whether the broadcast is live or not. Look at the JSON response and if the "type" field equals "StreamTypeReplay", then it's a replay, otherwise it's a live broadcast.
I am trying to leverage Facebook comments plug in and push notifications for post on my page. What I am basically trying to do is:
user creates a post
the Facebook comment is dynamically inserted for that post by suffixing id from that post.
The above two are already done in the page.
Now what I want is, when someone posts, a push notification is subscribed if the user allows and when a comment is made a push notification is pushed to the user. The user is identified by the ID of the post as well which is stored on database.
I tried to attach a event handler on Facebook iframe comment box but was thrown with cross origin error.
I was trying webhooks but couldn't work on local host and found I need ngrok to validate my test url. I am posting this to ask is that is my flow even valid or I am seriously misunderstanding the concept. If someone could validate my flow.I will be happy to work on it or I will be just wasting my time.
Here's the link with the Facebook comments applied on post:
https://helpingcow.com/postit/get_share_listings
The facebook have killed "comment.create" event subscriptions.See the answer here to my related question answer.The preferred method is to use webhooks.
As I have already mentioned in question,that I cant use ngrok because it only supports python 3.6 and above and I have 2.7.
But I used localtunnel from npm.It did the work and I have validated my localhost url and test webhooks are now functional.I really dont need the data from the json payload from webhooks but just need a way to get to id of the posted item when the facebook comment is posted but there is no way the client can know about that event unless some server sent events are used.
Since apparently you're not reachable for API questions via email, I guess I'd have to put all the questions in here since it would be tedious to create one for each of them.
So we're planning on creating a webhooks system for our integrations to create a better experience for our users. There are a few pieces that are missing for our end to support having a Podio integration that runs 100% on webhooks.
Support organization level webhooks instead at the space level.
Send full object payload in the webhooks push so we don't need to fetch the resource again. Or at least provide a delta of changes.
Have a secret token header that you send with each request so we can assure the authenticity of the data (that it's actually from Podio and it's not someone trying to hack our system).
Github does a great job with this: https://developer.github.com/webhooks/#delivery-headers.
Ability to unsubscribe from a webhook if the client revokes the OAuth credentials. Do you automatically delete that webhook or do we need to contact the user or you guys to get rid of it?
Trello for instance deletes all webhooks associated with a token if it's revoked or a second option is our server sends a 410 Gone back and the webhook, well you guessed it, it's gone.
Do you think something like this is feasible in the near future?
Thanks for your insights :)
Seems pretty valid point. Are there any particular org operations that you are interested to have webhooks for? Can you also describe some use-cases for org level webhooks?
Sending full object payload is pretty complicated because items in Podio can be extremely big and it might be not needed for webhook to get all details. That's why we keep it small and tiny and let Podio partners build own complicated solutions based on webhooks.
Secret token is not much needed if there is only item_id sent in webhook. Let's review it on item modified scenario.
1) User (or anything else) modifies item
2) item.modified webhook is triggered with item_id
3) 3rd party app receives webhook
4) 3rd party app makes a call to Podio API (if it's needed) and gets all required information from Podio API
So, if webhook request is fake, then Podio API will return same item details and nothing is affected. If you want to have some extra layer of security: why not making webhook URL unique and specific to webhook? Then only Podio will know which URL to use to trigger this webhook.
Ability to unsubscribe from a webhook if the client revokes the OAuth credentials.
Sorry, but I don't understand your question. Can you please re-phrase it as new StackOverflow question?
I have written an app which notifies users when someone make them unfollow (As like as any other apps in this area). Then, I got my app approved by Instagram. After six/seven attempts, they don't approve the app till now. I followed their instructions as feedback and fixed any probable privacy problem which my app might have. But I didn't get any bright answer from them as far.
I throw my app on the following use case:
My product helps brands and advertisers understand, manage their
audience and media rights.
And I wrote my API use cases as follows:
Thank you for considering our request to approve our application. The
required information for enabling live mode for our application is
explained in the following lines:
Q1: How your app does use the Instagram API?
First of all, our user (i.e. brands or advertisers) selects the “Unfollow Finder Service” on our application.
We redirect the user to Instagram login page, as indicated in API documentation, to authorize his account to accessing required scopes.
i. Note that we already told the user everything that we are going to
use.
We tend to call follow APIs whenever the authorized user clicks a button in our application.
Ultimately, we inform the authorized user with the information obtained from step 3.
Q2: How does it fall into one of the approved use cases?
The list of users who recently unfollowed/followed an
Instagram account are definitely crucial and beneficial for the brands
and advertisers on Instagram. In this way, they can get feedback
implicitly from their customers. Our service help them to manage their
audiences and provide better content for them. So, according to Q1,
our use case falls into “My product helps brands and advertisers
understand, manage their audience and media rights.” We never violate
the approved scopes and Instagram's privacy.
Q3: Who will be using your app?
In our region, lots of brands and businesses utilize
Instagram to publish their content. They are the users of our service
and can use it to improve their relation with their audiences. Kind
regards,
As you see, I'm trying to tell them everything in detail. But in my last submission, they declined me with the following feedback:
General issues:
Policy Violation ("Like", "Follow", "Comment" Exchange Program): Your
app shouldn't participate, enable or promote any “like”, “share”,
“comment” or “follower” exchange programs. In working to build a high
quality platform experience, we ask that you comply with our Platform
Policy (http://wwww.instagram.com/about/legal/terms/api/).
I just want permission on follower_list scope from them. The surprising part is that they noted me with almost irrelevant feedback. It seems that they do not want to approve my app at all.
Do I violate their privacy?
Does anyone face this problem? How can I fix it and had my app approved?
Sorry for asking this question here since I almost googled entire web (+Stackoverflow) and find no helpful answer. All of my previous attempts were gone away.
Thanks in advance.
'Background processing' is a terrible term, but I can't think of a better one at this time on a Friday!
I need a specific part of my web app to communicate with twitter - post a status using a single, fixed account. Every twitter oauth tutorial I've seen talks about applications in the general sense - those with multiple users. Does anyone have an example of basic twitter status updating via a non-interactive process?
OK, after a lot of searching and hair-pulling, the answer seems to be:
Go to your app settings page on twitter
Click the 'My Access Token' button in the right hand column
Take a note of the sccess token details on this page
Follow these instructions to use the single-use token details