Login with Instagram using PHP

The Instagram API provides an easy way to integrate user authentication system in the web application. Login with Instagram allows the user to authenticate with their Instagram account and log into the website. Since, the authentication process handled by the Instagram API, the web application doesn’t need the user’s registration functionality. The Instagram Login enables quick access o the user without creating an account on the website.

The Instagram API uses OAuth 2.0 to authenticate and authorize the user. You can easily implement the Login system with Instagram using Instagram API and PHP. In this tutorial, we will show you how to integrate Login with Instagram using PHP. The cURL is a simple and effective way to access the Instagram API with PHP. We will use cURL to integrate the Instagram API in PHP.

The following functionality will be implemented in the example Instagram OAuth script.

• Authenticate with Instagram account using access_token.
• Retrieve the user’s profile data from Instagram account.
• Store profile data in the database using PHP and MySQL.
• Display the user’s account information.

Before you begin to integrate Instagram Login in PHP, take a look at the file structure.

instagram_login_with_php/
├── config.php
├── index.php
├── logout.php
├── User.class.php
├── InstagramAuth.class.php
├── images/
└── css/

Register Instagram Client ID

The Client ID and Client Secret are required to access the Instagram API. Before getting started to implement Instagram Login with PHP on the website, follow the below steps to register a new Instagram Client, and get the Client ID and Secret.

• Go to the Instagram Developer Panel.
• Register an account as a developer and login to your developer account.
• Navigate to the Manage Clients page, click on Register a New Client button.
• Provide the Application info and click the Register to submit.
  • The Valid redirect URIs must be matched with the redirect URL specified at the time of API request.
• After the App creation, it will be listed in the Manage Clients page. Click the MANAGE button.
  

In the App details page, you will see the Client ID and Client Secret. Note these API credentials (Client ID and Client Secret) for later use in the script.

How to Register Instagram App and Create Client ID

Create Database Table

To store the user’s profile information from Instagram, a table is required in the database. The following SQL creates a users table with some basic fields in the MySQL database.

CREATE TABLE `users` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
 `oauth_provider` enum('instagram','facebook','google','linkedin','') COLLATE utf8_unicode_ci NOT NULL,
 `oauth_uid` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
 `first_name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
 `last_name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
 `email` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
 `username` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
 `gender` varchar(5) COLLATE utf8_unicode_ci NOT NULL,
 `picture` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
 `link` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
 `created` datetime NOT NULL,
 `modified` datetime NOT NULL,
 PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

Instagram OAuth Library

The InstagramAuth class helps to authenticate with the Instagram API using PHP.

• getAccessToken() – Retrieve access_token from Instagram OAuth API (oauth/access_token) using PHP cURL.
• getUserProfileInfo() – Fetch the user’s profile data from Instagram User API (users/self) by access_token.

<?php 
/* 
 * Instagram API Class 
 * This class helps to authenticate with Instagram API 
 * @author    CodexWorld.com 
 * @url        http://www.codexworld.com 
 * @license    http://www.codexworld.com/license 
 */ 
class InstagramAuth { 
    public $client_id         = ''; 
    public $client_secret     = ''; 
    public $redirect_url     = ''; 
    private $act_url         = 'https://api.instagram.com/oauth/access_token'; 
    private $ud_url         = 'https://api.instagram.com/v1/users/self/'; 
     
    public function __construct(array $config = array()){ 
        $this->initialize($config); 
    } 
     
    public function initialize(array $config = array()){ 
        foreach ($config as $key => $val){ 
            if (isset($this->$key)){ 
                $this->$key = $val; 
            } 
        } 
        return $this; 
    } 
     
    public function getAuthURL(){ 
        $authURL = "https://api.instagram.com/oauth/authorize/?client_id=" . $this->client_id . "&redirect_uri=" . urlencode($this->redirect_url) . "&response_type=code&scope=basic"; 
        return $authURL; 
    } 
     
    public function getAccessToken($code) {     
        $urlPost = 'client_id='. $this->client_id . '&client_secret=' . $this->client_secret . '&redirect_uri=' . $this->redirect_url . '&code='. $code . '&grant_type=authorization_code'; 
        $ch = curl_init();         
        curl_setopt($ch, CURLOPT_URL, $this->act_url);         
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
        curl_setopt($ch, CURLOPT_POST, 1);         
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
        curl_setopt($ch, CURLOPT_POSTFIELDS, $urlPost);             
        $data = json_decode(curl_exec($ch), true);     
        $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);     
        curl_close($ch); 
        if($http_code != '200'){     
            throw new Exception('Error : Failed to receive access token'.$http_code); 
        } 
        return $data['access_token'];     
    } 
 
    public function getUserProfileInfo($access_token) {  
        $url = $this->ud_url.'?access_token=' . $access_token;     
 
        $ch = curl_init();         
        curl_setopt($ch, CURLOPT_URL, $url);         
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);     
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
        $data = json_decode(curl_exec($ch), true); 
        $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);     
        curl_close($ch);  
        if($data['meta']['code'] != 200 || $http_code != 200){ 
            throw new Exception('Error : Failed to get user information'); 
        } 
        return $data['data']; 
    } 
}

User Class (User.class.php)

The User class handles the database related operations (connect, insert, and update) using PHP and MySQL.

• __construct() – Connect to the MySQL database.
• checkUser() – Insert or update the user account data (Instagram profile info) based on the OAuth provider and ID. Returns the user’s account data as an array.

<?php 
/* 
 * User Class 
 * This class is used for database related (connect, insert, and update) operations 
 * @author    CodexWorld.com 
 * @url        http://www.codexworld.com 
 * @license    http://www.codexworld.com/license 
 */ 
class User { 
    private $dbHost     = DB_HOST; 
    private $dbUsername = DB_USERNAME; 
    private $dbPassword = DB_PASSWORD; 
    private $dbName     = DB_NAME; 
    private $userTbl    = DB_USER_TBL; 
     
    function __construct(){ 
        if(!isset($this->db)){ 
            // Connect to the database 
            $conn = new mysqli($this->dbHost, $this->dbUsername, $this->dbPassword, $this->dbName); 
            if($conn->connect_error){ 
                die("Failed to connect with MySQL: " . $conn->connect_error); 
            }else{ 
                $this->db = $conn; 
            } 
        } 
    } 
     
    function checkUser($userData = array()){ 
        if(!empty($userData)){ 
            // Check whether user data already exists in database 
            $prevQuery = "SELECT * FROM ".$this->userTbl." WHERE oauth_provider = '".$userData['oauth_provider']."' AND oauth_uid = '".$userData['oauth_uid']."'"; 
            $prevResult = $this->db->query($prevQuery); 
            if($prevResult->num_rows > 0){ 
                // Update user data if already exists 
                $query = "UPDATE ".$this->userTbl." SET first_name = '".$userData['first_name']."', last_name = '".$userData['last_name']."', email = '".$userData['email']."', gender = '".$userData['gender']."', picture = '".$userData['picture']."', link = '".$userData['link']."', modified = NOW() WHERE oauth_provider = '".$userData['oauth_provider']."' AND oauth_uid = '".$userData['oauth_uid']."'"; 
                $update = $this->db->query($query); 
            }else{ 
                // Insert user data 
                $query = "INSERT INTO ".$this->userTbl." SET oauth_provider = '".$userData['oauth_provider']."', oauth_uid = '".$userData['oauth_uid']."', first_name = '".$userData['first_name']."', last_name = '".$userData['last_name']."', email = '".$userData['email']."', gender = '".$userData['gender']."', picture = '".$userData['picture']."', link = '".$userData['link']."', created = NOW(), modified = NOW()"; 
                $insert = $this->db->query($query); 
            } 
             
            // Get user data from the database 
            $result = $this->db->query($prevQuery); 
            $userData = $result->fetch_assoc(); 
        } 
         
        // Return user data 
        return $userData; 
    } 
}

Site Settings and API Configuration (config.php)

The database settings and Instagram API configuration constant variables are defined in the config.php file.

Database Constants:

• DB_HOST – Specify the database host.
• DB_USERNAME – Specify the database username.
• DB_PASSWORD – Specify the database password.
• DB_NAME – Specify the database name.
• DB_USER_TBL – Specify the table name where the user’s account data will be stored.

Instagram API Constants:

• INSTAGRAM_CLIENT_ID – Specify the Instagram Client ID.
• INSTAGRAM_CLIENT_SECRET – Specify the Instagram Client Secret.
• INSTAGRAM_REDIRECT_URI – Specify the Callback URL.

Initiate Instagram Auth class:
The Instagram Auth library is used to connect the Instagram API and working with OAuth client.

<?php 
/* 
 * Basic Site Settings and API Configuration 
 */ 
 
// Database configuration 
define('DB_HOST', 'MySQL_Database_Host'); 
define('DB_USERNAME', 'MySQL_Database_Username'); 
define('DB_PASSWORD', 'MySQL_Database_Password'); 
define('DB_NAME', 'MySQL_Database_Name'); 
define('DB_USER_TBL', 'users'); 
 
// Instagram API configuration 
define('INSTAGRAM_CLIENT_ID', 'Instagram_Client_Id'); 
define('INSTAGRAM_CLIENT_SECRET', 'Instagram_Client_Secret'); 
define('INSTAGRAM_REDIRECT_URI', 'Callback_URL'); 
 
// Start session 
if(!session_id()){ 
    session_start(); 
} 
 
/* 
 * For the internal purposes only  
 * changes not required 
 */ 
 
// Include Instagram OAuth library 
require_once 'InstagramAuth.class.php'; 
 
// Initiate Instagram Auth class 
$instagram = new InstagramAuth(array( 
    'client_id' => INSTAGRAM_CLIENT_ID, 
    'client_secret' => INSTAGRAM_CLIENT_SECRET, 
    'redirect_url' => INSTAGRAM_REDIRECT_URI 
)); 

Note that: You’ll find the Client ID and Client Secret on your Instagram Client settings page.

Login with Instagram and Get Account Data (index.php)

In this file, the Instagram API authentication process is handled using PHP.

• Initially, the authentication URL is generated using the getAuthURL() method of Instagram Auth class and the Instagram Sign-in button is displayed on the web page.
• If the user authenticates with their Instagram account, the following happens:
  • The access_token is retrieved using getAccessToken() by the code that received during the authorization step.
  • The profile information is retrieved from the Instagram account using getUserProfileInfo() by the access_token.
  • The account data is inserted into the database using checkUser() function of User class.
  • The user’s account data is stored in the PHP SESSION.
  • The Instagram profile details (ID, First name, Last name, Picture, and Profile link) are displayed on the webpage.

<?php 
// Include configuration file 
require_once 'config.php'; 
 
// Include User class 
require_once 'User.class.php'; 
 
// If URL contains 'code' parameter that passed by Instagram in the Redirect URL 
if(isset($_GET['code'])){ 
    try { 
        // Get the access token  
        $access_token = $instagram->getAccessToken($_GET['code']); 
 
        // Get user profile info 
        $userData = $instagram->getUserProfileInfo($access_token); 
    } catch (Exception $e) { 
        $authErr = $e->getMessage(); 
    } 
     
    if(!empty($userData)){ 
        $username = $userData['username']; 
        $full_name = $userData['full_name']; 
        $full_name_arr = explode(' ',$full_name); 
        $first_name = !empty($full_name_arr[0])?$full_name_arr[0]:''; 
        $last_name = !empty($full_name_arr[1])?$full_name_arr[1]:''; 
        $link = 'https://www.instagram.com/'.$username; 
         
        // Initialize User class 
        $user = new User(); 
         
        // Getting user's profile data 
        $intUserData = array(); 
        $intUserData['oauth_uid']     = $userData['id']; 
        $intUserData['username']      = $username; 
        $intUserData['first_name']     = $first_name; 
        $intUserData['last_name']      = $last_name; 
        $intUserData['picture']    = !empty($userData['profile_picture'])?$userData['profile_picture']:''; 
        $intUserData['link']       = $link; 
        $intUserData['email']      = ''; 
        $intUserData['gender']     = ''; 
 
        // Insert or update user data to the database 
        $intUserData['oauth_provider'] = 'instagram'; 
        $userData = $user->checkUser($intUserData); 
         
        // Storing user data in the session 
        $_SESSION['userData'] = $userData; 
         
        // Get logout url 
        $logoutURL = INSTAGRAM_REDIRECT_URI.'logout.php'; 
         
        // Render Instagram profile data 
        $output  = '<h2>Instagram Profile Details</h2>'; 
        $output .= '<div class="ac-data">'; 
        $output .= '<img src="'.$userData['picture'].'"/>'; 
        $output .= '<p><b>Account ID:</b> '.$userData['oauth_uid'].'</p>'; 
        $output .= '<p><b>Name:</b> '.$userData['first_name'].' '.$userData['last_name'].'</p>'; 
        $output .= '<p><b>Logged in with:</b> Instagram</p>'; 
        $output .= '<p><b>Profile Link:</b> <a href="'.$userData['link'].'" target="_blank">Click to visit Instagram page</a></p>'; 
        $output .= '<p><b>Logout from <a href="'.$logoutURL.'">Instagram</a></p>'; 
        $output .= '</div>'; 
    }else{ 
        $output = '<h3 style="color:red">Instagram authentication has failed!</h3>'; 
        if(!empty($authErr)){ 
            $output = '<p style="color:red">'.$authErr.'</p>'; 
        } 
    } 
}else{ 
    // Get login url 
    $authURL = $instagram->getAuthURL(); 
     
    // Render Instagram login button 
    $output = '<a href="'.htmlspecialchars($authURL).'" class="instagram-btn"><span class="btn-icon"></span><span class="btn-text">Login with Instagram</span></a>'; 
} 
?>

<!DOCTYPE html>
<html lang="en">
<head>
<title>Login with Instagram using PHP by CodexWorld</title>
<meta charset="utf-8">

<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="container">
    <div class="inst-box">
        <!-- Display login button / Instagram profile information -->
        <?php echo $output; ?>
    </div>
</div>
</body>
</html>

Logout (logout.php)

If the user wishes to log out from their Instagram account, the logout.php file is loaded.

• Remove access token and user data from the SESSION.
• Redirect the user to the homepage.

<?php 
// Remove user data from session 
unset($_SESSION['userData']); 
 
// Redirect to the homepage 
header("Location:index.php"); 
?>

Conclusion

Our Instagram Auth library helps you to integrate Instagram login with PHP. Our example code makes the Instagram API integration process simple with PHP cURL. You can easily implement the Instagram login in the website by some minimal API settings. If you want to make the Instagram authentication process user-friendly, use JavaScript SDK to integrate Instagram Login without page refresh using JavaScript.