My Facebook application is in online mode, but this error will be reported when calling "/business_id/adspixels". What should I do to avoid this error.
I have tried to apply for various permissions, such as ads_ read、business_ management、attribution_ Read. However, this error will still occur.
{"message":"(#270) This Ads API request is not allowed for apps with development access level (Development access is by default for all apps, please request for upgrade). Make sure that the access token belongs to a user that is both admin of the app and admin of the ad account","type":"OAuthException","code":270,"fbtrace_id":"ABi7JUtohVnMy5rYCCmp-P1"}
Related
We implemented the Marketing API into our company's order management system to automate the creation of ad campaigns. A system user was created with the proper permissions, and the integration has been working. We're only using the API for our own ad account and pages, which we of course own. The "Facebook App" is set to live mode and has been for a couple weeks now.
But starting sometime today, we have been getting errors saying that the ads_read and ads_management permissions are required. And sure enough, they are indeed missing from the access token for the system user when I use the access token debugger.
What would have caused the system user to be missing these permissions all of a sudden? We are still on the dev tier and have only recently reached the 1,500 calls required to request standard access. That's the only thing I can think of so far, but is that the reason we suddenly don't have the proper permissions, or could it be something else? I haven't read anywhere in the documentation that we would lose these permissions upon reaching 1,500 calls, and I was planning on requesting the standard access next.
Also, I have read in various spots: "You do not need to submit your app if it will only be used by you or by a reduced number of people." That is actually our case, as we are only using a system user for the API calls, and there are only a few users tied to the Facebook ad account. So, do we need to submit our app for review?
Thanks in advance.
I'm trying to test my server to server app and my app is an website. But the calls to the marketing API are done from my node js server. I am able to create campaigns and Adsets, but not the Ads. when I try, I'm reciving this error message on marketing api calls to create Ads:
"message": "(#294) Managing advertisements requires an acess token with the extended permission for ads_management".
The thing is, I have already been approved to use ads_management, but when I try to set my app to public, so I can create Ads, the "Generate Token" tool of my app become disabled.
I have also asked permission to use Api Standard Access mode (instead of development mode), but it was denied due to unsuccessful api calls. But how can I have successful api calls if I can't generate an access token with ads_managment permissions, neither can I create Ads while in development mode?
I'm building an application that needs to read Facebook ads information and I'm running into an issue, which to me seems strange.
When I access the campaigns for my adaccounts using https://graph.facebook.com/v2.10/me?fields=adaccounts{campaigns} it works and I can see the campaigns and their properties.
When I change the request to access the campaign to https://graph.facebook.com/v2.10/[campaign_id] it results in an error which says:
(#272) This Ads API call requires the user to be admin of the application. User is not admin or developer of this application.
I can see the properties of the campaigns using "me" as the first Node in the request.
Any idea why can't I access the campaign using a request where the campaign is the first Node? What could be the reason behind this problem?
I've read many posts on this and I found that this is most likely a permissions issue or token issue.
First of all, could you please try to login as the user, and then go to Facebook Ads Manager or Power Editor to check if the user still has permissions on the account?
If you can still see and edit the ad account, then you would need to report this issue at https://developers.facebook.com/bugs/ instead.
This could also be one of the explanation.
This may be due to your ad account is inactive or in a bad standing. Additionally if your access level of your ad account is in development level these types of errors may occur. please go through what's mentioned on the doc here If you upgrade your account to basic or standard access levels this will be solved.
On development access level only end to end workflows are suggested. The following text is extracted from facebook documentation.
The development access level is designed for development purposes and
is ideal for people who are just starting to build out their tool. In
this level, you would not yet have customers using your tool. This
level is open to all developers, and is intended to build out
end-to-end workflows on the API before you get full permissions.
I build API for post on my community of VK. But I check my permission for my app, and I have all permissions, but not load WALL permissions.
In the scope for OAuth, I put all scopes and not work the WALL. I check the "Api.console" and they have "Access to Wall - The application has access to your wall", but in my app not appear.
This is the response:
{"error":{"error_code":15,"error_msg":"Access denied: no access to call this method","request_params":[{"key":"oauth","value":"1"},{"key":"method","value":"wall.post"},{"key":"owner_id","value":"-*********"},{"key":"from_group","value":"1"},{"key":"message","value":"New post on group wall via API."}]}}
I check other services and if work.
You can't call wall.post (and a lot of other methods) with a non-standalone applications. It seems like your VK application is of type Website or iFrame - they have limited access to the API methods.
However, while you can't call this method from non-standalone applications, can via the Open API (it's a JavaScript SDK for Website applications) or the JavaScript SDK for iFrame applications.
When you call wall.post via these SDKs, a confirmation window will appear where the user needs to confirm the wall post before sending it:
Standalone applications are designed to be used in apps like mobile or desktop clients or browser extensions (because they don't have CORS limitations and may read any tab). There is absolutely no ways to get a user's standalone access token without limitations if you are trying to authorize them via website.
If you are building website or something and need wall.post for service purposes (e.g. news cross-posting), then you may get your token and save it anywhere in site configuration. Open this address:
https://oauth.vk.com/authorize?client_id={APP_ID}&scope={PERMISSIONS}&v={ACTUAL_API_VERSION}&response_type=token&redirect_uri=https://oauth.vk.com/blank.html
{APP_ID} - your standalone application ID (may be found in application Settings).
{PERMISSIONS} - comma-separated list of permissions. Don't forget the offline permission to get token that doesn't expire.
{ACTUAL_API_VERSION} - VK API version.
Example:
https://oauth.vk.com/authorize?client_id=123456&scope=wall,offline&v=5.60&response_type=token&redirect_uri=https://oauth.vk.com/blank.html
Note that redirect_uri=https://oauth.vk.com/blank.html is required to get token without the above mentioned limitations.
After you grand your application access to your account, access token without limitations will appear in your browser address bar. Just copy it, save in your configs and feel free to call any methods you want.
Late but...for this you need to first create a sort of "demo" app for VK using the standalone app type which would issue you an access token inside the address bar when you set the redirect link to https://oauth.vk.com/blank.html
This access token would allow you to share to your personal profile wall.
Then you need to contact VK support and display your app in action. Once they approve it then you'd be able to use a "Website" app that has OAuth style authentication
My question is related to, but not exactly, this question.
I am currently working on a business directory Web site (similar to Yelp), in which businesses have their own pages. Let's call this app DIRECTORY_APP.
Businesses might want to have their latest Facebook status update shown on their pages hosted on our directory. Let's pretend we have a business named BIZ_1. The assumption is that those pages are public pages.
Apparently the Facebook Graph API can be used for this purpose. So I can send a request to Facebook to retrieve the latest status updates for BIZ_1:
https://graph.facebook.com/BIZ_1_PROFILE_ID/posts?
access_token=DIRECTORY_APP_ACCESS_TOKEN
&callback=callbackName
However, if I use this from the client side, our Web site's access token will be exposed to the public, so this is not a reasonable solution.
Now in the aforementioned question, Anatoly mentions that we can retrieve the access token by sending this request first:
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET
&grant_type=client_credentials
However if someone inspects the Network log, this will also expose our Web site's access token (is this correct or is this a different type of access token?). This solution also exposes our web site's app secret (is this safe?).
So to summarize, what's a safe way in which I can retrieve the latest status update of a Web page from client-side without asking the browsing user to first log in to Facebook?
I can retrieve the latest status update of a Web page from client-side without asking the browsing user to first log in to Facebook
You cant do that without login.
And I guess access token is not exposed.
Maybe the smart trick here is to use a social plugin. The Like Box will do what you want, without any issues. But, it's not greatly customizable. Even so, it's possible to get it looking nice on a page!
It also skips any login issues you mentioned.
I found the answer after some Googling. In short, the answer is no.
And here's an excerpt from Facebook:
Security Best Practices
App Secret and App Access Token
The App Secret is used in some of the Login flows to generate access tokens and the Secret itself is intended to secure usage of your App to only those that are trusted. The secret can be used to easily create an App Access Token which can make API requests on behalf of any user of the app, which makes it extremely important that an App Secret is not compromised.
Therefore the App Secret or an App Access token should never be included in any code that could be accessed by anyone other than a developer of the app. This applies to all methods of code that are not secured like client-side code (such as HTML or Javascript) or native apps (such as iOS, Android or Windows desktop apps) that could be decompiled.
We recommend that App Access Tokens should only be used directly from your app's servers in order to provide the best security. For native apps, we suggest that the app communicates with your own server and the server then makes the API requests to Facebook using the App Access Token. For this reason, if your 'App Type' under Advanced Settings in the App Dashboard is set to Native/Desktop we assume that your native app contains the App Secret or an App Access Token in the binary, and we do not allow calls signed with an App Access Token to proceed. The API will behave as though no access token was provided.
If your App Secret is compromised, you should reset it immediately in the Basic Settings of your App Dashboard.