Skip to content


Flickr Authentication

Currently there is only one authentication method available to the API. This method is somewhat complex, but is far more secure and allows your users to feel a little safer authenticating to your application. You'll no longer have to ask for their username and password.

Authentication API

http://www.flickr.com/services/api/auth.spec.html
I know how complicated this API looks at first glance, so I've tried to make this as transparent to the coding process. I'll go through the steps you'll need to use this. Both the auth.php and getToken.php file will need your API Key and Secret entered before you can use them.

To have end users authenticate their accounts:

First, setup a callback script. I've included a callback script that is pretty flexible. You'll find it in the package entitled "auth.php". You'll need to go to flickr and point your api key to this file as the callback script. Once you've done this, on any page that you want to require the end user end user to authenticate their flickr account to your app, just call the phpFlickr::auth() function with whatever permission you need to use. For example:
    $f->auth("write");
The three permissions are "read", "write" and "delete". The function defaults to "read", if you leave it blank.

Calling this function will send the user's browser to Flickr's page to authenticate to your app. Once they have logged in, it will bounce them back to your callback script which will redirect back to the original page that you called the auth() function from after setting a session variable to save their authentication token. If that session variable exists, calling the auth() function will return the permissions that the user granted your app on the Flickr page instead of redirecting to an external page.

To authenticate the app to your account to show your private pictures:

This method will allow you to have the app authenticate to one specific account, no matter who views your website. This is useful to display private photos or photosets (among other things).

Note: The method below is a little hard to understand, so I've setup a tool to help you through this: http://www.phpflickr.com/tools/auth/.

First, you'll have to setup a callback script with Flickr. Once you've done that, edit line 12 of the included getToken.php file to reflect which permissions you'll need for the app. Then browse to the page. Once you've authorized the app with Flickr, it'll send you back to that page which will give you a token which will look something like this:
    1234-567890abcdef1234
Go to the file where you are creating an instance of phpFlickr (I suggest an include file) and after you've created it set the token to use:
    $f->setToken("[token string]");
This token never expires, so you don't have to worry about having to login periodically.


One Response

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Ludo says

    Hi, and thanks for your lib.
    I was wondering if there is a way to authenticate an app, without configuring the call back url in the flickr API.

    Any idea ?



Some HTML is OK

or, reply to this post via trackback.