Authenticate with Facebook and Instagram

Please note

This is a unified guide for all Social Stream Apps, including Flow-Flow for WordPress, Grace, and all upcoming streaming apps. Here and below, any mention of a Plugin or Social Stream App means one of the apps or plugins listed above.

To use official API and pull feeds from Facebook and Instagram (owned by Facebook), you must get a unified Facebook Access Token. Please connect to our Facebook app under the AUTH tab to obtain an API token and get content from Facebook and Instagram. This token will be used for pulling BOTH Facebook AND Instagram feeds on your behalf:

  1. Visit the AUTH tab in the plugin admin dashboard, find the "Facebook and Instagram integration" section, and hit the CONNECT button.
  2. You will be redirected to the Facebook application auth processing. Select your business page and save settings. If you plan to use Instagram, also select an Instagram account (see requirements below).

  3. You will be redirected back to the plugin admin page with a token inserted. If you got any issues during these steps, try to disable ad-blockers or wait a couple of minutes before a new try.

Instagram requirements

If you plan to pull Instagram feeds and since the new API is meant for business use, next is required to do:

  1. Switch your personal Instagram account (or your company account) to a Business or Creator Account. Please visit the mobile Instagram app, open your profile, tap the menu icon in the top right, and then the settings cogwheel at the bottom. Scroll down to the “Switch to business account” (or Creator) option.
  2. Connect the Instagram account from above to a Facebook business page. You can do this directly when switching to an Instagram Business (Creator) account, or you can do it later under the "Settings -> Linked accounts" section. If you don’t have a Facebook business page, please create one.

Instagram API limitations

  • Only Business and Creator account feeds can be pulled (including those you don't own).
  • You can query a maximum of 30 unique hashtags on behalf of an Instagram Business or Creator Account within a rolling, 7-day period. Once you query a hashtag, it will count against this limit for 7 days. Subsequent queries on the same hashtag within this time frame will not count against your limit and will not reset the initial query 7-day timer.
  • Personal, identifiable information will not be included in responses for hashtag feeds.
  • No feeds by location are available.
  • Emojis in hashtag queries are not supported.
  • The API will return a generic error for any requests that include hashtags that Instagram has deemed sensitive or offensive.

Source: https://developers.facebook.com/docs/instagram-api/guides/hashtag-search.

Troubleshooting

Before re-authentication, try to remove the Flow-Flow app here https://www.facebook.com/settings?tab=business_tools&ref=business_login_reentry. And authenticate after that.

If your feeds are showing the "(#100) Tried accessing nonexisting field (business_discovery) on node type (Page)" error, please make sure that during the authentication process you connected the Facebook page with the Instagram account connected. Also, connecting multiple pages is not supported (so there is no need to do this for proper work).

Token expiration

Facebook and Instagram want their users' accounts to be safe, so they have set certain safety boundaries. On finding any suspicious activity happening around or within your account, your credential/token might expire.

The possible reasons behind your credential/token expirations are:

  • You may haven't logged in even once in the last 2 months (the most usual reason).
  • You've recently changed your Facebook or Instagram password.
  • You've recently logged out of Facebook or Instagram.
  • Logging in and out of multiple Facebook or Instagram accounts from your device.
  • Facebook or Instagram has detected a security issue on your account.
  • Facebook or Instagram suspects spammy behavior on your account (like posting too frequently or repetitive content).
  • Suspicious (Login attempts from a new location) and later not having the full permissions required. If you initially grant the permissions and decide to stop using our authentication, we do not have access without your permission.
  • If you haven't logged in in the last 60 days, then the Facebook token gets expires. To know more, follow this doc.

Still need help? Contact Us Contact Us