Instagram restricts API following password breach, will review all apps going forward

abstract art of instagram logo

This could mean the end of countless Instagram apps.

Instagram is tightening restrictions on developers who want to use its services to power their third-party apps. 

The company announced new policies for using its API, effectively eliminating some of the current third-party Instagram apps. The company will now require apps to go through a review process before being allowed full access to the API. 

Instagram’s API allows developers to use Instagram services inside their apps. The restrictions come just after InstaAgent, a popular third-party Instagram app that could tell who visited your account, was found to be stealing and storing user passwords and posting spam onto Instagram accounts without permission. 

The new policies list a handful of use cases that Instagram will allow, including helping individuals share their own content, like printing and importing Instagram photos; helping brands with content strategy and advertising; and supporting publishers to get digital rights to photos and videos. 

Instagram follows in the footsteps of other social networks. Twitter significantly restricted API access back in 2012 to the consternation of many developers, and in April, Snapchat cracked down on third-party apps that were using its API that had never been publicly released. 

Instagram said the company will be reviewing new and existing apps starting Dec. 3, and June 1, 2016 is the deadline for existing apps to be submitted and approved.

H/T The Verge | Illustration by Max Fleishman

Selena Larson

Selena Larson

Selena Larson is a technology reporter based in San Francisco who writes about the intersection of technology and culture. Her work explores new technologies and the way they impact industries, human behavior, and security and privacy. Since leaving the Daily Dot, she's reported for CNN Money and done technical writing for cybersecurity firm Dragos.