Settings

API credentials for real publishing. Stored locally in your app database.

Instagram (Meta app)

Configured

Must match a redirect URI registered in your Meta app. Defaults to https://localhost:3001/auth/instagram/callback.

Find these at developers.facebook.com → your app → Instagram → API setup with Instagram login. Use the Instagram app ID/secret (not the Facebook ones). Add your Instagram account as a tester under Roles until the app is approved.

TikTok

Configured

For local TikTok testing, register this exact HTTPS callback in TikTok and proxy it to Rails with Tailscale Serve.

Until TikTok audits your app, posts are forced to Private; the TikTok creator account may also need to be private.

Draft mode uploads to TikTok inbox for manual review and posting in the TikTok app. It is useful for testing without Direct Post private-account restrictions.

Required for TikTok photo/carousel posts, including drafts. Verify this exact public URL prefix in your TikTok developer app, and make sure generated image URLs start with it.

From developers.tiktok.com → your app: add Login Kit and Content Posting API, request the video.publish scope, and register the Redirect URI. TikTok videos upload directly; TikTok photo carousels use public image URLs from the media host below.

X

Configured

Must exactly match the callback URL registered in your X developer app.

In the X developer portal, enable OAuth 2.0 and request the tweet.read, tweet.write, users.read, media.write, and offline.access scopes. The adapter uploads media directly to X, then creates the post.

YouTube

Configured

Must exactly match an authorized redirect URI in your Google Cloud OAuth client.

22 is People & Blogs.

Create a Google Cloud OAuth client with the YouTube Data API enabled. The app requests youtube.upload for publishing and youtube.readonly to identify the connected channel.

Video storage (Cloudflare R2 / S3)

Configured

Host only — do not append the bucket name. Leave blank for AWS S3.

The 32-character Access Key ID — not the cfat… "Token value".

In Cloudflare → R2: create a bucket, then Manage R2 API Tokens → Create API Token (Object Read & Write). Copy the Access Key ID and Secret Access Key from the same screen — the secret is shown only once. Region is auto for R2. The bucket can stay private — Instagram gets a temporary signed URL.

Cloudinary (optional image fallback)

Configured
Instagram fetches media from a public URL, so images upload to Cloudinary first. In your Cloudinary dashboard go to Settings → Upload → Upload presets, add one with Signing Mode: Unsigned, and paste its name here.
Save first, then test — writes and deletes a tiny file in your R2 bucket.