Developer APIs
Integrate with the Auto Insta Flow automation engine, fetch public creator insights, scan reels and comments, and handle webhook alerts.
Authentication
All backend endpoints check authentication cookies verified via Google and Supabase sessions. For server-to-server calls or webhook events, validation relies on signing verification (such as Meta's Webhook Signature validation header).
Incoming webhooks require X-Hub-Signature-256 computed via your Instagram App Secret.
GET /api/instagram/media
Fetch the most recent posts, reels, and active stories published by a connected Instagram account.
The unique ID of the Instagram Account stored in the database.
{
"success": true,
"posts": [
{
"id": "1782201916489",
"caption": "Check out our new automation builder! 🚀 comment SEND to get it.",
"type": "reel",
"mediaUrl": "https://video.cdninstagram.com/...",
"permalink": "https://www.instagram.com/reel/...",
"thumbnailUrl": "https://scontent.cdninstagram.com/...",
"commentsCount": 142,
"likeCount": 1205,
"publishedAt": "2026-06-23T08:25:36Z"
}
]
}curl -X GET "https://autoinstaflow.io/api/instagram/media?accountId=acc_12345"
GET /api/instagram/comments
Fetch the list of comments for a specific Instagram post, reel, or active story.
The unique media ID from Meta Graph API.
The database ID of the connected Instagram account.
[
{
"id": "1802931726593817",
"username": "john_doe",
"text": "SEND me the link!",
"timestamp": "2026-06-23T08:26:01Z"
}
]curl -X GET "https://autoinstaflow.io/api/instagram/comments?mediaId=1782201916489&accountId=acc_123"
POST /api/instagram/send-dm
Send a private DM reply directly linked to a specific comment ID.
The comment ID to send the reply to.
The message body/text to deliver.
Optional. The account ID to pull access tokens from database.
Optional. Custom Meta user access token.
Optional. Direct Instagram profile ID.
{
"success": true,
"data": {
"recipient_id": "user_98765",
"message_id": "m_12345abcd"
}
}curl -X POST "https://autoinstaflow.io/api/instagram/send-dm" \
-H "Content-Type: application/json" \
-d '{"commentId": "1802931726593817", "text": "Here is your link: https://example.com", "accountId": "acc_123"}'POST /api/instagram/lookup
Query public Creator or Business accounts using Meta Business Discovery APIs.
The Instagram username (e.g. "@cristiano" or "cristiano") to fetch details for.
{
"success": true,
"isSimulated": false,
"data": {
"username": "creator_username",
"name": "Jane Doe Creative",
"profile_picture_url": "https://scontent.cdninstagram.com/...",
"followers_count": 87400,
"media_count": 342
}
}curl -X POST "https://autoinstaflow.io/api/instagram/lookup" \
-H "Content-Type: application/json" \
-d '{"username": "cristiano"}'Webhook Setup & Integration
Auto Insta Flow relies on Real-Time Graph API Webhooks to process events on Instagram instantly. Setup requires completing the challenge handshake, and validating the signature on incoming payloads.
Meta calls your webhook endpoint with verification query params. You must compare the token and return the challenge query parameter as plain text.
"subscribe"INSTAGRAM_WEBHOOK_VERIFY_TOKENMeta sends JSON events (comments, stories, DMs) in real time. Validate payloads using the SHA256 signature in the x-hub-signature-256 header.
// Header: x-hub-signature-256 = sha256=abcdef12345...
{
"entry": [
{
"id": "instagram_business_account_id",
"time": 1782201916,
"changes": [
{
"field": "comments",
"value": {
"id": "1802931726593817",
"text": "GIVE ME THE EBOOK!",
"from": {
"id": "sender_user_id",
"username": "john_doe"
},
"media": {
"id": "1782201916489",
"media_product_type": "REELS"
}
}
}
]
}
]
}