This agent is designed to run as a small, self-contained app on Heroku (though there are other ways to run it if you prefer). By default, it runs using free services and will keep your token up to date once set up correctly.
This agent is designed to work with libraries like instafeed.js which need a valid token to operate. These tokens need to be periodically refreshed - Instagram Token Agent takes care of that for you.
To begin, you'll need the following:
- A Facebook Developer account
- An Instagram account
- A Verified Heroku account (Verification uses a credit card, though running the Token Agent will not cost you anything.)
1. Follow steps 1 - 3 here to create an application on Facebook to connect to Instagram.
2. Use the User Token Generator to create a starting access token. Copy this token and keep it handy for the next step.
3. Click this handy 'Deploy' button:
4. On the page that follows, fill in the following values:
- App name: Make up a name for your app - it needs to be unique, like a username. Something like
your-name-token-agent
will do.
Under 'Config vars':
- App name: Copy+paste your app name here as well.
- Starting Token: Paste your initial token from Facebook here.
Everything else can be left as default.
5. Click Deploy App.
The deployment process can take a minute or so. Once complete, you'll see a View button to visit your new application. The following setup pages include instructions on how to use your new tokens.
The instructions in your new token agent app will provide you with two simple ways to access your token value from your site:
-
JS Snippet: Just include the
<script>
tag in your page, before any code that need to use the token, and you'll have access to a global constant calledInstagramToken
by default. If you'd like your constant named something else, add?const=SomeOtherName
to the script's address. -
JSON Object: If you'd like a JSON object instead, call
/token.json
- you'll get an object with a single keytoken
, with the value of your token.
Check out a demo of these access methods.
Instagram Token Agent is designed to be configured using Heroku's web UI or CLI. It understands the following environment variables:
Key | Description | Default |
---|---|---|
HIDE_HELP_PAGES |
Set to true to turn off the setup pages that aren't needed in production. |
none (Help pages display by default) |
ALLOWED_DOMAINS |
White-list of the domains that can request the token via JS snippet or JSON object | none (any domain is allowed) |
REFRESH_MODE |
How should the refresh schedule work? Currently, only 'cron' is allowed, which refreshes on a set schedule | cron |
REFRESH_FREQUENCY |
How often should we refresh the token? Currently 'daily', 'weekly', 'monthly' are supported. | weekly |
JS_CONSTANT_NAME |
Set the name of the constant provided by the JS snippet | InstagramToken |
To set these options in the Heroku dashboard, click the 'Settings' tab in your app, then Reveal Config Vars.
By default, apps using the Instagram Basic Display API are limited to 200 requests per hour, but there's a (relatively simple way to extend that](https://github.com/companionstudio/instagram-token-agent/wiki/Instagram-API-Limits).
Basic Display API integrations have a per-user request limit which is unpublished and currently can't be extended.
This app is designed to run using free plans and add-ons at Heroku, and be configurable via Heroku's interface, so you don't need to use the CLI if you don't want to.
Here are the main parts and what they do:
- Heroku free dyno: This serves the requests for tokens. Free dynos are limited in the amount of work they can do per month, but this should be ample for most sites just serving tokens.
- Temporize Scheduler: This service schedules the app to refresh the token with Instagram to keep it working. Currently this happens once a week.
- Heroku Postgres: The database that stores the token value
- MemCachier: This caches the token payloads the agent sends out to keep things fast and take load off of the free dynos.
Each installation of the agent is independent and self-contained. There's no 'phoning-home' or any other sending of data from your app to Companion Studio or anyone else.
This is a first cut of this application, and there are still a lot of things to be done:
- Add tests (!)
- Improve documentation and setup instructions
- Investigate a simpler scheduling/refresh solution
- Work out a nice way to trigger the refresh tasks within the app or in heroku
Add a switch to turn the 'hello world' pages off in productionMake the domain whitelist actually do something- Add some mechanism whereby updating the starting token restarts the process
Since heroku is suspending the app for policy reasons, an alternative is to deploy the app via docker on any other hosting provider of your choosing. Steps below:
- Create environment and database config files from samples
cp config/database.yml.sample config/database.yml
cp .env.sample .env
- Fill out the environment variables in
.env
fileAPP_NAME
: name of the app (ie - instagram-token-agent)STARTING_TOKEN
: Your initial Instagram token value, sourced from Facebook's app dashboard.APP_URL
: app's urlDB_USER
: Postgres database userDB_PASSWORD
: Postgres database passwordDB_NAME
: Postgres database namePORT
: Port on which you want the app to be accessibleTEMPORIZE_URL
: Since the app currently depends on the temporize service to handle refreshing of the token, this url can be acquired by create an app on heroku (even though it gets suspended) from App settings -> Config VarsWEBHOOK_SECRET
: can be acquired from App settings -> Config Vars in Heroku
- Run
docker-compose up -d
- The app will be accessible at the port# that you specified in the
.env
file- You can additionally use an NGINX Reverse Proxy to handle a domain redirect to the app's port.
MIT License
Copyright (c) 2020 Companion Studio
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.