I am using Facebook's PHP SDK (because it still works, even though it's deprecated, and there's no proper PHP alternative in place), and I've somewhat recently received messages from Facebook about my login app being deactivated because it "has too many errors". I decided to debug it and find out what seemed to be the problem, and it turned out that at the /debug_token step it receives an empty response from Facebook, which is, of course, invalid.
According to https://developers.facebook.com/docs/graph-api/reference/v15.0/debug_token,
this API endpoint should return information about an access token that I received from /oauth/access_token. I tried requesting for this debug information in Facebook's own Graph API Explorer, but the response I got was {"data":[]}. There were various errors if I provided the wrong data, so I would assume if the access token was wrong, I would have also received an error, but nope.
Commenting out the bit of code that does the access token debugging/validation fixes the whole thing, but that hardly seems like the right fix, although it counts for the end users.
The PHP SDK github repo is archived, I can't ask questions here, so I have no other choice but to ask here - 1) does anyone know if the debug_token step is required, and if yes, then 2) for what reasons, and 3) what could possibly be the problem here? At the moment it absolutely seems that the fault is at Facebook's end, I went through all the server requests and all of them work except this one.
I got the same issue about empty array from /debug_token endpoint. After investigations, it seems to be only on development applications. With live applications, /debug_token returns data ... Another weird behaviour from Facebook Graph API 🤷🏻‍♂️
Related
We have some code that uses Facebook Open Graph API to display some posts on our home page. It was originally developed by a previous developer and I rewrote it in ASP.NET MVC for our home page (where before it was PHP which I believe was loaded in an iframe). At that time, I used the app ID and secret that were left to me. This has functioned fine for a couple of years. This afternoon, we started getting an error back on our site: "Access to this data is temporarily disabled for non-active accounts due to changes we are making to the Facebook Platform".
No sweat. I figured I just needed to update our ID and secret. Unfortunately, no one seems to remember the user ID that was in control of that app ID. No sweat. I'll make my own. Unfortunately, any ID and secret I use to access posts -- even my own posts on a page totally not related to work -- returns the same access error. I can get name or cover or some other fields, but as soon as I request any posts, I get the error.
Here's an example of what I'm trying:
https://graph.facebook.com/MyCompanyName?fields=cover,name,likes,link,posts.limit(5){created_time,message,link,type,full_picture,picture,source,icon}&access_token=bunchofnumbers|bunchofnumbersandletters
I am aware of the status post at https://developers.facebook.com/status/issues/205942813488872/, but I think I must be doing something wrong since I can't even create new appIDs to get posts with.
Why does Facebook Graph API say my account is non-active?
Thanks.
Please read this article:
Mark Zuckerberg apologises for Facebook's 'mistakes' over Cambridge Analytica
Cambridge University researcher named Aleksandr Kogan had used an app to extract the information of more than 50 million people, and then transferred it to Cambridge Analytica for commercial and political use.
So facebook is changing its policies so that the personal data could be made more secure.
Until then you cant do anything about it.
I solved the problem on my website by removing the events from the fetched fields list
We started seeing this same error message on our platform today. I think there are a few things going on that all tie together:
As others have mentioned, there have been rapid and major responses by Facebook to increase data protection and privacy in light of the Cambridge Analytica incident. From what I understand, the bad actors exploited the ability access the data of Users (via the graph) that the app did not have an active, first-party relationship with. So, sort of like how "6 degrees of separation" would get you the whole planet, the 1 degree of separation on the few-hundred-thousand Users that connected with the app directly gave the app access to roughly 50 Million users...or something like that. FB is doing what they can to lock that stuff down now, big time.
The specific cause of your error is that something you're asking for in the fields parameter makes a leap (from the either the myCompany or the OAuth'd User/App whose access_token you are using) to a related item/items that FB now deems must have an "active" first-party/direct relationship with your Company/App/User in order to access. This is why you see the somewhat cryptic "non-active accounts" mentioning. I think they really mean that it's not "active with you or your app".
I'm not sure which one of the fields you request is at fault, but some trial-and-error will lead you to it. For us, it was clear: we were asking for the Members of all the Groups that User had access to. We didn't need that, so we cut it out and the error went away.
Facebook today updated the term and conditions
https://developers.facebook.com/docs/graph-api/changelog/breaking-changes/?translation&hc_location=ufi#groups-4-4
My understanding is that if your not a production app, they are limiting your for specific reasons. Unclear if thats because of Cambridge Leak, or upgrading the instagram api.
I also received the same error, however, if you are testing, you can hard code the graph api explorer token into your app to continue testing...
var data {
'accessToken': 'EEAC...',
}
FB.api('/' + id, getData, data, (_response) => {
console.log(_response);
});
Right now I am working with Facebook Open Graph API. And I was having this error every time I wanted to access/get the member (and their basic info) of the groups I am Admin.
{
"error": {
"message": "(#200) Access to this data is temporarily disabled for non-active accounts due to changes we are making to the Facebook Platform",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "Byueyj6MtkoIx"
}
}
In between trial and error #JoshChristy was getting all the desired results! And after couple hours of research we discovered that facebook recognize some account as "non-active" and some "active" (I don't know based on what!) because I am pretty much active in facebook.
So, if you are getting this error that means you are not active enough for facebook ;)
I had this problem. It's solved automatically. I think it's a Facebook issue.
For me it work if I leave just one field - "name". If I add "link" and/or "events" fields it returns error
I was able to get Facebook Page Access token using the method below.
For anyone who may already have an app which has been reviewed can use that app's details as a temporary fix until Facebook is done with their API enhancements. Meaning you'll have to add the relevant redirect uris to the reviewed app as well as use that app's App Id and App Secret.
This works for retrieving page feeds and leads, I wasn't able to retrieve conversations. Also the permissions I requested were { scope: 'ads_management,ads_read,manage_pages' }
In our case, we retrieved, for example, a page access_token with a page ID using like this:
this.call('v2.12/'+pageid, 'GET', {fields: "access_token"}, token)
ended up with the error you mentioned.
However, we took a normal approach and all looks good now.
https://developers.facebook.com/docs/facebook-login/access-tokens#pagetokens
Same thing I just noticed too, and they kept my lead gen ads running and charging me eventhough they blocked the data.
Luckily going into ad manager directly you can still download the CSV/XLS files.
What is issue?
This error is due to recent action taken by Facebook. They said ” Access to certain types of API data is paused for non-active accounts due to changes we are making to the Facebook Platform” So if your account is non-active and you have created App using it then it might possible you get this error in your Plugin. Facebook Issue link is
When it will resolved?
Facebook has temporarily disabled some non-active accounts as they mentioned they haven’t given any estimated time to fix issue but it should get activated soon.
You can find more update on facebook Event API here
We have some code that uses Facebook Open Graph API to display some posts on our home page. It was originally developed by a previous developer and I rewrote it in ASP.NET MVC for our home page (where before it was PHP which I believe was loaded in an iframe). At that time, I used the app ID and secret that were left to me. This has functioned fine for a couple of years. This afternoon, we started getting an error back on our site: "Access to this data is temporarily disabled for non-active accounts due to changes we are making to the Facebook Platform".
No sweat. I figured I just needed to update our ID and secret. Unfortunately, no one seems to remember the user ID that was in control of that app ID. No sweat. I'll make my own. Unfortunately, any ID and secret I use to access posts -- even my own posts on a page totally not related to work -- returns the same access error. I can get name or cover or some other fields, but as soon as I request any posts, I get the error.
Here's an example of what I'm trying:
https://graph.facebook.com/MyCompanyName?fields=cover,name,likes,link,posts.limit(5){created_time,message,link,type,full_picture,picture,source,icon}&access_token=bunchofnumbers|bunchofnumbersandletters
I am aware of the status post at https://developers.facebook.com/status/issues/205942813488872/, but I think I must be doing something wrong since I can't even create new appIDs to get posts with.
Why does Facebook Graph API say my account is non-active?
Thanks.
Please read this article:
Mark Zuckerberg apologises for Facebook's 'mistakes' over Cambridge Analytica
Cambridge University researcher named Aleksandr Kogan had used an app to extract the information of more than 50 million people, and then transferred it to Cambridge Analytica for commercial and political use.
So facebook is changing its policies so that the personal data could be made more secure.
Until then you cant do anything about it.
I solved the problem on my website by removing the events from the fetched fields list
We started seeing this same error message on our platform today. I think there are a few things going on that all tie together:
As others have mentioned, there have been rapid and major responses by Facebook to increase data protection and privacy in light of the Cambridge Analytica incident. From what I understand, the bad actors exploited the ability access the data of Users (via the graph) that the app did not have an active, first-party relationship with. So, sort of like how "6 degrees of separation" would get you the whole planet, the 1 degree of separation on the few-hundred-thousand Users that connected with the app directly gave the app access to roughly 50 Million users...or something like that. FB is doing what they can to lock that stuff down now, big time.
The specific cause of your error is that something you're asking for in the fields parameter makes a leap (from the either the myCompany or the OAuth'd User/App whose access_token you are using) to a related item/items that FB now deems must have an "active" first-party/direct relationship with your Company/App/User in order to access. This is why you see the somewhat cryptic "non-active accounts" mentioning. I think they really mean that it's not "active with you or your app".
I'm not sure which one of the fields you request is at fault, but some trial-and-error will lead you to it. For us, it was clear: we were asking for the Members of all the Groups that User had access to. We didn't need that, so we cut it out and the error went away.
Facebook today updated the term and conditions
https://developers.facebook.com/docs/graph-api/changelog/breaking-changes/?translation&hc_location=ufi#groups-4-4
My understanding is that if your not a production app, they are limiting your for specific reasons. Unclear if thats because of Cambridge Leak, or upgrading the instagram api.
I also received the same error, however, if you are testing, you can hard code the graph api explorer token into your app to continue testing...
var data {
'accessToken': 'EEAC...',
}
FB.api('/' + id, getData, data, (_response) => {
console.log(_response);
});
Right now I am working with Facebook Open Graph API. And I was having this error every time I wanted to access/get the member (and their basic info) of the groups I am Admin.
{
"error": {
"message": "(#200) Access to this data is temporarily disabled for non-active accounts due to changes we are making to the Facebook Platform",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "Byueyj6MtkoIx"
}
}
In between trial and error #JoshChristy was getting all the desired results! And after couple hours of research we discovered that facebook recognize some account as "non-active" and some "active" (I don't know based on what!) because I am pretty much active in facebook.
So, if you are getting this error that means you are not active enough for facebook ;)
I had this problem. It's solved automatically. I think it's a Facebook issue.
For me it work if I leave just one field - "name". If I add "link" and/or "events" fields it returns error
I was able to get Facebook Page Access token using the method below.
For anyone who may already have an app which has been reviewed can use that app's details as a temporary fix until Facebook is done with their API enhancements. Meaning you'll have to add the relevant redirect uris to the reviewed app as well as use that app's App Id and App Secret.
This works for retrieving page feeds and leads, I wasn't able to retrieve conversations. Also the permissions I requested were { scope: 'ads_management,ads_read,manage_pages' }
In our case, we retrieved, for example, a page access_token with a page ID using like this:
this.call('v2.12/'+pageid, 'GET', {fields: "access_token"}, token)
ended up with the error you mentioned.
However, we took a normal approach and all looks good now.
https://developers.facebook.com/docs/facebook-login/access-tokens#pagetokens
Same thing I just noticed too, and they kept my lead gen ads running and charging me eventhough they blocked the data.
Luckily going into ad manager directly you can still download the CSV/XLS files.
What is issue?
This error is due to recent action taken by Facebook. They said ” Access to certain types of API data is paused for non-active accounts due to changes we are making to the Facebook Platform” So if your account is non-active and you have created App using it then it might possible you get this error in your Plugin. Facebook Issue link is
When it will resolved?
Facebook has temporarily disabled some non-active accounts as they mentioned they haven’t given any estimated time to fix issue but it should get activated soon.
You can find more update on facebook Event API here
I have followed the instructions on this page:
https://developers.facebook.com/docs/reference/api/page/#realtime
But I can't get the Deleting an App section to work.
This is the case with both the PHP SDK and with Facebook's Graph API Explorer.
First I add an app to get real time updates by POSTing to
/<page_id>/tabs
with the app_id parameter set to my App ID. I also pass an Access Token for the page.
This returns 'true' in the Graph Explorer, and '1' with the PHP SDK, which I understand means success in both cases. I know this is true as I have received data to my real time endpoint.
However, I also need to be able to delete these subscriptions, per page.
The documentation suggests this is done by performing a DELETE to
/<page_id>/tabs/app_<app_id>
Again passing the same Access Token as before.
In both the Graph Explorer and the PHP SDK, this returns:
(#100) Tab is not installed or not removable: <The same app_id I passed>
I've seen a couple of other people reporting the same issue, but apparently no solutions. If anyone has managed to figure this out, I would hugely appreciate your thoughts.
There are two possible alternatives:
Go to https://www.facebook.com/{page_id}/settings?tab=apps and manually remove the application from the page. If the app is not there, it has already been removed.
Or:
You can use the Real-time Update documentation and use a DELETE API call to unsubscribe the page from real-time updates. However, if your application is used with more than once page, it will also unsubscribe the other pages.
Prior to the may updates (we were using the offline tokens because they did not expire), I was able to send a delete request to facebook and remove the user's facebook link from within our software, after turning the disable offline access to enabled (disabled the old functionality), this no longer works. I am trying to figure out what may have changed. There are no current posts on the subject and all the posts I do find are VERY conflicting in answers.
i.e.
Remove the application from a user using graph API
vs
Facebook account delink or deauthorize facebook app and check status of linking from facebook app
This is also documented on the graph documentation as saying this command should work, I have tried a few different syntaxes (its not actually stated which syntax to use in the documentation - nice job Facebook, it just says "send a delete request").
Long story short, does this work? I keep getting the 400 error "bad request" when attempting to fix this feature.
I have tried the following two urls:
https://graph.facebook.com/userId/permissions?access_token=someToken&method=delete
https://graph.facebook.com/me/permissions?access_token=someToken&method=delete
Those questions aren't inconsistent, one of them was answered before the Graph API had support for this
https://developers.facebook.com/docs/reference/api/user/#permissions is the documentation, the example is:
(javascript)
FB.api("/me/permissions","DELETE",function callback());
I've done this many times and it definitely works
Sorry for having answered my own question:
Apparently I was actually getting random errors rather than actual errors.
I am unsure if /me/ works, because I did not go back to re-test it, but I am certain now that using the format:
https://graph.facebook.com/userId/permissions&access_token=someToken
Does indeed work correctly for deauthorizing your own application in facebook.
I'm writing a Windows Phone 7 app where I'm posting comments to the users feed on their behalf. I get the user to auth in the usual way (browser) and get an access token. All standard stuff that's been working for the last week. But today the posts have stopped working. I just get a "Remote Server not found" back from my web call. Here's the url that I'm using to post (this used to work perfectly before today):
https://graph.facebook.com/me/feed
Then I add these two form parameters: access_token=...&message=...
I pretty sure the server is up and the access token is good since I can successfully query the users basic profile info using a url like this:
https://graph.facebook.com/me?access_token=...
I have been debugging this flow a bit so my hunch is that Facebook is thinking I'm a spammer and has turned off programmatic posting. Does this happen? If y, what's the limit and what's the remedy? If n, any debugging pointers would be helpful, the new facebook docs are very sparse.
Thanks!
Found it, hoping others don't waste as much time as I did on this... So while I was debugging my app (that posts to a users feed) I was sending the SAME MESSAGE over and over again. Looks like facebook doesn't let you do that - which makes sense I guess. The "Remote server not found message" strangely enough is actually part of the OAuth 2.0 spec. I get the error but the "Remote Server not found" is pretty confusing...