Insta360Developers
  • English

    • Authentication

    Authentication

    The Insta360 Open Platform API uses the OAuth 2.0 protocol for authentication and authorization, with scopes organized by business domain to ensure data security and the principle of least privilege.

    Planning Stage

    The content on this page describes planned capabilities. Specific APIs are subject to change upon official release.

    Authentication Method

    • Protocol: OAuth 2.0
    • Grant Type: Authorization Code
    • Token Type: Bearer Token

    Authentication Flow

    1. Register your application on the Open Platform to obtain client_id and client_secret
    2. Redirect users to the authorization page; upon user consent, obtain an authorization_code
    3. Exchange the authorization_code for an access_token
    4. Include Authorization: Bearer <access_token> in API request headers

    OAuth Scopes

    Scopes are organized by business domain to enforce least privilege:

    ScopeDescription
    account:readRead basic user profile
    content:readRead media list and metadata
    content:writeUpload and edit media
    store:readRead products, pricing, and orders
    store:writeCreate orders and purchases