We're using the Instagram (basic) API in our web app. To link our app to a user's account they're redirected to the Instagram page and asked for consent. https://api.instagram.com/oauth/authorize?client_id={0}&redirect_uri={1}&scope=user_profile,user_media&response_type=code&state={2}
That's working fine. But some users manage multiple Instagram accounts and if they want to link different Instagram accounts (from the same computer), they are not offered the possibility to select another account to login to. If they are logged in into Instagram, they keep being that user, until they manually go to the logout page.
To force them to select a user, I can always force a logout by redirecting them (in an iframe) to the Instagram logout URL. That will force them to re-enter their credentials (or that from another user) on the Instagram auth page the next time they're redirected to the auth url. But that just seems "fishy" to me. (It's like it's done behind the user's back, and it may not be the wanted behaviour)
Is there no "clean" way (an extra querystring param in the auth URL above)? Microsoft has "prompt=login", Dropbox has "forceReauthentication: true".
I added force_authentication=1 to the login URL and it works in a browser outside of the Instagram app.
https://api.instagram.com/oauth/authorize?force_authentication=1&client_id=${IG_APP_ID}&redirect_uri=${IG_REG_REDIRECT_URL}&scope=${IG_REG_SCOPE}&state=1&response_type=code