Legacy Instagram API Deprecation
The Legacy Instagram API will be shutting down on March 31, 2020, in favor of the Instagram Graph API and Instagram Basic Display API.
This means that if you have implemented Instagram authentication through the legacy API, your Instagram users will no longer be able to sign in to your application starting March 31, 2020.
Instagram now requires developers to use the Facebook Login flow instead, so you'll need to re-implement authentication using the Instagram Graph API and re-submit your application to Instagram for review.
The new Instagram Basic Display API does allow you to get a user access token, but this cannot be used for authentication. As noted in the Instagram documentation:
Note: Instagram Basic Display is not an authentication solution. Data returned by the API cannot be used to authenticate your app users or log them into your app. If you need an authentication solution, we recommend using Facebook Login instead.
If you try to do this anyway, your application will be rejected at the review stage.
These changes can cause a headache if you have users that are still using the legacy Instagram login, and you haven't had time to implement Facebook Login instead. Fortunately, Auth0 has a simple solution.
How Auth0 can Handle Instagram API Deprecation
If you're still using the Legacy Instagram API for Instagram login, you can take advantage of Auth0's user account linking feature for a quick fix.
What is account linking
Auth0 offers a simple way to take two or more separate accounts and link them into one profile. For example, when a user logs in with email and password, you can create a rule that automatically links any other accounts using that same email.
Account linking for Instagram
If you have users that are only using Instagram for login and you're using the Legacy Instagram API, you can still take advantage of account linking, even though they don't yet have another account to link.
You can create a user-initiated account linking solution that runs when a user tries to sign in with Instagram.
Once they log in, you'll display a message that they will no longer be able to sign in to their account after March 31, 2020, and they need to choose another method such as email/password or a different social provider.
You'll list the authentication options on that page so that the user can sign up right then. After they sign in with their new account, you'll then be able to link the old Instagram account to the new account.
Now, the user will still be able to access their account, and you won't need to go through the trouble of migrating to the new Instagram API if you're only using it for authentication.
Note: The first step in this method requires the user to still authenticate with Instagram. If you'd like to take advantage of Auth0's account linking, you must notify your users of the upcoming change and instruct them to create their new account before March 31, 2020.
About Auth0
Auth0 by Okta takes a modern approach to customer identity and enables organizations to provide secure access to any application, for any user. Auth0 is a highly customizable platform that is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.
If you have any questions about account linking with Auth0, please reach out in the comments or click the "Talk to Sales" button in the header. You can also sign up for a free Auth0 account now to explore the dashboard.
About the author
Holly Guevara
Former Developer Content Manager