Instagram Integration

SocialRoar connects to an Instagram Business or Creator Account (linked to a Facebook Page) via the Instagram Graph API. Once connected, SocialRoar:

• Loads comments on the connected account’s media (posts, reels, and videos) into a unified inbox in the SocialRoar web app;
• Classifies each comment by sentiment (positive / neutral / negative) and tags it as a question, complaint, praise, or spam, using AI;
• Generates AI-suggested replies grounded in the brand’s knowledge base (FAQs, brand voice, website content);
• Posts replies back to Instagram on the user’s instruction (one-click from the inbox);
• Hides or deletes comments — only when explicitly requested by the authorized user — to manage spam and harassment.

1. The user creates a SocialRoar account and signs in.
2. From Settings → Connected Accountsthe user clicks Connect Instagram.
3. The user is redirected to Facebook’s OAuth dialog, where they select the Facebook Page that is linked to their Instagram Business or Creator Account, and approve the requested permissions.
4. SocialRoar exchanges the OAuth code for an access token and stores it encrypted at rest.
5. SocialRoar subscribes to the Instagram comments webhook for that account so new comments arrive in near real time.
6. New comments appear in the unified inbox with sentiment, tags, and an AI-suggested reply. The user reviews and either approves the reply, edits it, or writes their own.
7. On approval, SocialRoar posts the reply to Instagram via the Graph API.

• instagram_basic — to read the connected Instagram Business Account profile (account ID, username, profile picture) so the user can confirm they connected the right account.
• instagram_manage_comments — to read comments on the user’s media, post replies the user has approved, and (on user instruction) hide or delete comments. This is the core of the product.
• instagram_manage_insights — to read aggregate engagement metrics (comment volume, reach, impressions) used to power the analytics dashboard and detect unusual spikes that may need attention.
• pages_show_list — to list the user’s Facebook Pages so they can pick the one linked to their Instagram Business Account.
• pages_read_engagement — to read comments and engagement on the linked Facebook Page (required because Instagram comments are accessed via the linked Page token).
• business_management — only when the user manages the account through Meta Business Manager, to list and select the correct business asset.

We request only these permissions, and only at the moment the user chooses to connect Instagram. We never request permissions we do not actively use in the product.

Comment text and metadata are loaded into the user’s SocialRoar inbox. To generate an AI reply suggestion, the comment text and the relevant snippets from the user’s knowledge base are sent to our AI provider (Anthropic) under a contract that prohibits training on our customers’ data. Replies are only posted back to Instagram after the user explicitly approves them in the inbox.

We do not use Instagram-derived data for advertising, retargeting, model training, or to build user profiles for purposes unrelated to the features described above. We never sell this data.

Access tokens are encrypted at rest. Comments and replies are retained while the Instagram account remains connected. When the user disconnects the account, deletes their SocialRoar account, or removes SocialRoar from Facebook → Apps and Websites, we delete all associated Instagram data within 30 days. See our Data Deletion Instructions.

SocialRoar complies with the Meta Platform Terms, the Instagram Platform Policy, and the Developer Policies. Data obtained through the Instagram Graph API is not transferred to data brokers, ad networks, or analytics platforms beyond the service providers described in our Privacy Policy.