Why does the Pinterest V5 API /pins route give me an intermittent failure and apology, on POST?

Question

Background:

I'm working on a Pinterest integration. I would like to be able to create ads in Pinterest, which requires first having a pin created. I have code in place to do this, and the code works beautifully about 50% of the time. The other 50% of the time, I receive a 400 and an apology from Pinterest, saying that I can not save pins. I have carefully inspected the data for requests that succeed and for requests that fail and am not able to find any difference. I am beginning to suspect that there is some timing element, but have not been able to confirm.

Pinterest-side App Configuration:

In the Pinterest UI, when I go into Settings->Security and logins->Apps logins, I see my app listed there, and I see that it has the following set of permissions granted:

Create, update, or delete ads, ad groups, campaigns etc.
Create, update, or delete your public Pins
Create, update, or delete your public boards
See all of your advertising data, including ads, ad groups, campaigns etc
See your public Pins
See your public boards, including group boards you join
See your user accounts and followers

I believe that this permissions set should be sufficient for me to post against /pins.

Details of POST:

URL: https://api.pinterest.com/v5/pins

Headers: {'Authorization': 'Bearer pina_asdf', 'Content-Type': 'application/json'}

Payload: {'board_id': '123456789', 'title': 'My Title', 'media_source': {'source_type': 'image_url', 'url': 'https://s3.us-west-2.amazonaws.com/some_url'}, 'link': 'https://facebook.com/some_page?utm_source=us'}

Details of Response

Status Code: 400

Response JSON: {'code': 1, 'message': "Sorry! This site doesn't allow you to save Pins."}

The fact that it happens intermittently is confusing to me. The implication from message seems to be that the token is bad, but I believe that the requests sometimes go through with the same access token, and I have even attempted a retry loop that refreshes the bearer token and retries, and this does not seem to fix it. An additional clue is that once this starts happening, it seems to happen for the next several requests, and the only way to remediate the issue seems to be to wait a while and try again, which isn't really an option for my use case.

Answer 1

I have root cause on this.

Although the returned error message in no way indicates this, the failed requests were caused by Pinterst sometimes not being able to resolve the image URL being used to create the pin. We are using S3 for theses images and Boto to generate presigned links to private content. These presigned links have three query parameters, including a percent encoded Signature parameter. This parameter is a hash and may contain various percent encoded characters.

In the specific case of %2B in this query param, Pinterest fails to resolve the image and returns the mystery message. My best guess is that they are decoding it to + and then interpreting that as a space in the URL, which does not resolve correctly.

My workaround is, before I create the Pin, to keep asking AWS for a new link until I get one that doesn't have %2B in it. But it's the variance in these links that caused the intermittence of the failure.