Settings

API credentials for real publishing. Stored locally in your app database.

Instagram (Meta app)

Configured

Instagram App ID

Instagram App Secret

Redirect URI

Must match a redirect URI registered in your Meta app. Defaults to https://localhost:3001/auth/instagram/callback.

Find these at developers.facebook.com → your app → Instagram → API setup with Instagram login. Use the Instagram app ID/secret (not the Facebook ones). Add your Instagram account as a tester under Roles until the app is approved.

TikTok

Configured

Client key

Client secret

Redirect URI

For local TikTok testing, register this exact HTTPS callback in TikTok and proxy it to Rails with Tailscale Serve.

Post privacy

Until TikTok audits your app, posts are forced to Private; the TikTok creator account may also need to be private.

Delivery mode

Draft mode uploads to TikTok inbox for manual review and posting in the TikTok app. It is useful for testing without Direct Post private-account restrictions.

Verified URL prefix for photos

Required for TikTok photo/carousel posts, including drafts. Verify this exact public URL prefix in your TikTok developer app, and make sure generated image URLs start with it.

TikTok app has passed Direct Post audit Enable this only after TikTok approves the API client for non-private posting.

From developers.tiktok.com → your app: add Login Kit and Content Posting API, request the video.publish scope, and register the Redirect URI. TikTok videos upload directly; TikTok photo carousels use public image URLs from the media host below.

X

Configured

Client ID

Client secret (optional for public clients)

Redirect URI

Must exactly match the callback URL registered in your X developer app.

In the X developer portal, enable OAuth 2.0 and request the tweet.read, tweet.write, users.read, media.write, and offline.access scopes. The adapter uploads media directly to X, then creates the post.

YouTube

Configured

Client ID

Client secret

Redirect URI

Must exactly match an authorized redirect URI in your Google Cloud OAuth client.

Default privacy

Category ID

22 is People & Blogs.

Create a Google Cloud OAuth client with the YouTube Data API enabled. The app requests youtube.upload for publishing and youtube.readonly to identify the connected channel.

Video storage (Cloudflare R2 / S3)

Configured

Bucket name

S3 endpoint

Host only — do not append the bucket name. Leave blank for AWS S3.

Access Key ID

The 32-character Access Key ID — not the cfat… "Token value".

Region

Secret Access Key

In Cloudflare → R2: create a bucket, then Manage R2 API Tokens → Create API Token (Object Read & Write). Copy the Access Key ID and Secret Access Key from the same screen — the secret is shown only once. Region is auto for R2. The bucket can stay private — Instagram gets a temporary signed URL.

Cloudinary (optional image fallback)

Configured

Cloud name

Unsigned upload preset

Instagram fetches media from a public URL, so images upload to Cloudinary first. In your Cloudinary dashboard go to Settings → Upload → Upload presets, add one with Signing Mode: Unsigned, and paste its name here.

Connect Instagram → Connect TikTok → Connect X → Connect YouTube →

Save first, then test — writes and deletes a tiny file in your R2 bucket.