You can implement a Login with Pinterest feature in your web application using its API. In this tutorial I will discuss its implementation.
After implementing login with Pinterest, you can get user information such as username, ID, name, profile picture etc. However, you cannot get the email of the user.
Important Points to Note
- After building your application, you need to get it approved from Pinterest so that it becomes live to all. Until the application goes live, only the application creator and a few selected users can use it.
Submitting your application for review does not sound fun, but with increasing cases of API abuse it is slowly becoming a reality (a review is also required in Instagram & Facebook apps). However, using just the login API is a very basic thing (as compared to extended features like creating pins, following users) and in this case I think Pinterest should approve your application quite easily.
- Pinterest requires your application to be hosted over HTTPS. It won't work if you don't have HTTPS on your server.
Creating a Pinterest Application
The first step would be to create a Pinterest application :
- Create a Pinterest application on https://developers.pinterest.com/apps/
- Enter the fields Name & Description. For some reason you won't be able to change the name of your app later.
- When the application is created, go to the application settings.
- In the field Redirect URIs, add the url which points to the redirect url script. The redirect url specifies where Pinterest redirects users after they choose to authenticate your application.
You need to specify an HTTPS url. You can even add a localhost url for testing purposes. Save the new settings.
- From the application's settings you will get the Application ID & Application Secret. These will be required in the PHP code.
Basic Understanding of the Login Process
Like most web applications, the Pinterest API uses OAuth2 for authentication.
- You place a link in your HTML code that will redirect to Pinterest's servers for login.
- You also provide a redirect url through the code. Pinterest will redirect the user to this url after the user logs in. Pinterest will also pass an authorization code to this redirect url.
- You use the authorization code to get an access token from Pinterest.
- You use the access token to get user information such as username, ID, name, picture etc.
Step 1 : Save the Application ID and Application Secret
Use a settings.php file to save Application ID, Application Secret and Redirect Url
<?php
/* Pinterest App Id */
define('PINTEREST_APPLICATION_ID', 'xxxxxxxxxxxxxxxxx');
/* Pinterest App Secret */
define('PINTEREST_APPLICATION_SECRET', 'xxxxxxxxxxxxxxxxx');
/* Pinterest App Redirect Url */
define('PINTEREST_REDIRECT_URI', 'xxxxxxxxxxxxxxxxx');
?>
Step 2 : Add Link to Pinterest Login URL in HTML
Add the link to Pinterest login url in your HTML code. If there is a need you can use PHP's header or Javascript's document.location also to redirect to the login url.
<?php
require_once('settings.php');
$login_url = 'https://api.pinterest.com/oauth/?client_id=' . PINTEREST_APPLICATION_ID . '&redirect_uri=' . urlencode(PINTEREST_REDIRECT_URI) . '&response_type=code&scope=read_public';
?>
<html>
<head>....</head>
<body>
.....
<a href="<?= htmlspecialchars($login_url) ?>">Login with Pinterest</a>
.....
</body>
</html>
The login url is basically https://api.pinterest.com/oauth with four parameters :
- redirect_uri : Your redirect url
- response_type : Set it to the default value of "code"
- client_id : Your Pinterest Application ID
- scope : Scope is basically what you are looking to do or get from the user. Pinterest provides 4 scopes that you can request from the user. These scopes are related to getting information of the user, uploading pins, following or unfollowing on behalf of the user etc. For detailed information see Getting started with Pinterest API.
For user login and getting the user's basic information you just need a single scope, read_public.
In case you are requesting multiple scopes, you can separate each scope by a space :
$login_url = 'https://api.pinterest.com/oauth/?client_id=' . PINTEREST_APPLICATION_ID . '&redirect_uri=' . urlencode(PINTEREST_REDIRECT_URI) . '&response_type=code&scope=' . urlencode('read_public write_public');
Clicking on this login link will redirect the user to Pinterest, where the user logs in to Pinterest and authorizes your application. After this, Pinterest redirects the user to the redirect url that you have provided. The redirect url script will handle the next steps.
Step 3 : Preparing the Redirect Url Script
On redirecting the user to your given redirect url, Pinterest passes an authorization code as a GET parameter named code. You must use this code and make an API call to get an access token.
After you get the access token you can make another API call to get the user profile information.
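<?php
session_start();
require_once('settings.php');
// The PinterestApi class must also be loaded here; it contains the
// GetAccessToken() and GetUserProfileInfo() methods shown below

// Pinterest passes a parameter 'code' in the Redirect Url
if(isset($_GET['code'])) {
    try {
        $pinterest_ob = new PinterestApi();
        // Get the access token
        $access_token = $pinterest_ob->GetAccessToken(PINTEREST_APPLICATION_ID, PINTEREST_REDIRECT_URI, PINTEREST_APPLICATION_SECRET, $_GET['code']);
        // Get user information
        $user_info = $pinterest_ob->GetUserProfileInfo($access_token);
        // Profile fields are user-controlled, so escape them before printing
        echo '<pre>' . htmlspecialchars(print_r($user_info, true)) . '</pre>';
        // Now that the user is logged in you may want to start some session variables
        // Issue a fresh session ID first so a pre-login session ID is not reused
        session_regenerate_id(true);
        $_SESSION['logged_in'] = 1;
        // You may now want to redirect the user to the home page of your website
        // header('Location: home.php');
    }
    catch(Exception $e) {
        echo htmlspecialchars($e->getMessage());
        exit;
    }
}
?>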
API call to get access token using authorization code :
function GetAccessToken($client_id, $redirect_uri, $client_secret, $code) {
    $url = 'https://api.pinterest.com/v1/oauth/token';
    // http_build_query() URL-encodes every value, including the redirect url and the code
    $curlPost = http_build_query(array(
        'client_id' => $client_id,
        'redirect_uri' => $redirect_uri,
        'client_secret' => $client_secret,
        'code' => $code,
        'grant_type' => 'authorization_code'
    ));
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    // Verify Pinterest's TLS certificate: the application secret and the code travel in this request
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $curlPost);
    $data = json_decode(curl_exec($ch), true);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    // Fail on a non-200 response or on a body without an access token
    if($http_code != 200 || !isset($data['access_token']))
        throw new Exception('Error : Failed to receive access token');
    return $data['access_token'];
}
API call to get user profile information using access token :
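function GetUserProfileInfo($access_token) {
    // http_build_query() URL-encodes the access token before it goes into the url
    $url = 'https://api.pinterest.com/v1/me/?' . http_build_query(array(
        'access_token' => $access_token,
        'fields' => 'id,username,first_name,last_name,image'
    ));
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    // Verify Pinterest's TLS certificate: the access token travels in this request
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
    $data = json_decode(curl_exec($ch), true);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    // Fail on a non-200 response or on a body without the profile data
    if($http_code != 200 || !isset($data['data']))
        throw new Exception('Error : Failed to get user information');
    return $data['data'];
}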
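The login link in Step 2 and the redirect script in Step 3 accept any request that carries a code parameter, so nothing ties the callback to the browser session that started the login. The following is an added example, not code from the original tutorial, of the standard OAuth2 state check; it assumes Pinterest returns the state parameter unchanged to the redirect url, and the function names, application ID and redirect url are constructed for illustration.

```php
<?php
// Added example: bind the OAuth2 redirect to the browser session with "state".
// Function names and the client ID / redirect URL values are constructed.

function build_login_url(array &$session, string $client_id, string $redirect_uri): string {
    // Unguessable per-login value, remembered server-side
    $session['oauth_state'] = bin2hex(random_bytes(16));
    return 'https://api.pinterest.com/oauth/?' . http_build_query([
        'response_type' => 'code',
        'client_id'     => $client_id,
        'redirect_uri'  => $redirect_uri,
        'scope'         => 'read_public',
        'state'         => $session['oauth_state'],
    ]);
}

function authorization_code_from_callback(array &$session, array $query): string {
    $expected = $session['oauth_state'] ?? '';
    unset($session['oauth_state']);            // single use, even when the check fails
    $received = $query['state'] ?? '';
    if ($expected === '' || !is_string($received) || !hash_equals($expected, $received)) {
        throw new RuntimeException('state mismatch: callback does not belong to this session');
    }
    $code = $query['code'] ?? '';
    if (!is_string($code) || $code === '') {
        throw new RuntimeException('no authorization code in callback');
    }
    return $code;
}

// Demonstration with plain arrays standing in for $_SESSION and $_GET
$session = [];
$url = build_login_url($session, 'constructed-app-id', 'https://example.com/redirect.php');
parse_str(parse_url($url, PHP_URL_QUERY), $sent);

// Callback that echoes the state issued for this session: accepted
$code = authorization_code_from_callback($session, ['code' => 'constructed-code', 'state' => $sent['state']]);
echo "accepted: $code\n";

// Callback whose state was never issued to this session: rejected
try {
    authorization_code_from_callback($session, ['code' => 'unsolicited-code', 'state' => 'guess']);
} catch (RuntimeException $e) {
    echo 'rejected: ' . $e->getMessage() . "\n";
}
```

In the redirect url script, pass $_SESSION and $_GET to these functions and call GetAccessToken() only with the code that the check returns.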
Making the Application Live
The application you've created is in sandbox mode; it won't work for all users. Only the creator of the application and a few users whom you can choose are allowed to test the application. Before submitting the application for review, a collaborator (a developer or tester whom you choose) must use your application. You can add a collaborator from the application's settings page.
After a collaborator uses your application you can submit it for review.