My FB account has completed the verification process, it looks complete, but I never got a chance to request a code (the one that is mailed to you) and now I can't access this part of the API because I get "Application does not have permission for this action" which supposedly happens when your account is not fully verified.
How to get access to the Ad Library API?
Related
I've written a Python script to pull performance metrics data from the Facebook Graph API for a connected Instagram Business account. It's a script which runs locally and uses my account's credentials.
I've submitted an App Review selecting "No" and "App doesn't use the Facebook Login dialog." for the "Is a Facebook reviewer able to access or login to your app to verify you're using permissions or features according to Facebook Platform Policy?" and "Why isn't a Facebook reviewer able to access or install your app? Select the option(s) that best describe the functionality of your integration." questions.
However, it's been rejected with the following reason given:
"We found that your app's test credentials did not allow us to fully review the content of the app or there were no test credentials provided for us to review. If your test credentials do allow access, check that the account is setup properly to provide us with full access and to allow us to reproduce the use case steps."
I followed the steps from the Server-to-Server App Sample Submission. I've explained why each permission is required and uploaded a screencast of accessing the relevant endpoints.
Is there something I'm missing?
We implemented the Marketing API into our company's order management system to automate the creation of ad campaigns. A system user was created with the proper permissions, and the integration has been working. We're only using the API for our own ad account and pages, which we of course own. The "Facebook App" is set to live mode and has been for a couple weeks now.
But starting sometime today, we have been getting errors saying that the ads_read and ads_management permissions are required. And sure enough, they are indeed missing from the access token for the system user when I use the access token debugger.
What would have caused the system user to be missing these permissions all of a sudden? We are still on the dev tier and have only recently reached the 1,500 calls required to request standard access. That's the only thing I can think of so far, but is that the reason we suddenly don't have the proper permissions, or could it be something else? I haven't read anywhere in the documentation that we would lose these permissions upon reaching 1,500 calls, and I was planning on requesting the standard access next.
Also, I have read in various spots: "You do not need to submit your app if it will only be used by you or by a reduced number of people." That is actually our case, as we are only using a system user for the API calls, and there are only a few users tied to the Facebook ad account. So, do we need to submit our app for review?
Thanks in advance.
I'm trying to publish a feed. I receive an error
The permission(s) manage_pages,publish_pages are not available. It could because either they are deprecated or need to be approved by App Review.
After I take a look at their example for app review, I see this.
In my understanding, I think this mean I do not need for a app review if I use admin user access token. Correct me if I am wrong.
As I am the only one who will publish feed on my page, I try to set the access token to my admin account access token. But, I receive another error
(#200) Unpublished posts must be posted to a page as the page itself.
Is that mean the only way I can do is to submit app review?
First off, I'm not looking for the access token of a facebook account.
I (or my facebook messenger bot) need the access token of a linked 3rd party account.
The account was successfully linked as described here: https://developers.facebook.com/docs/messenger-platform/identity/account-linking
Slightly off topic: The first issue I noticed that does not meet the OIDC/OAuth2 specs is, that the redirect URI given to the /authorize endpoint expects a param "authorization_code" instead of "code" with the actual authorization code. Ok, good thing we do not use off-the-shelf software for the IdP, so I could mend that. Yet.
Now, I'm accustomed from the Amazon Alexa account linking to let the amazon do the token management, refreshing etc. and to deliver an 3rd party access token with every request.
But not with Facebook, it seems. As far as I managed to understand (not by the docs, but by try&error), for the Facebook Messenger the account linking is finished once they get the authorization code (and call an associated webhook).
But since I need an actual access token for every request to my bot, that's not gonna help much.
It now looks as if I have to extend my bot to be a complete, but not standardised, OAauth2/OIDC client (including token handling, refreshing etc.) with some problems:
how to check the validity of the redirect URI?
should be the same as in the initial request
how to validate the authorization_code?
keep in mind, normally this bot has no connections/access to the database of the IdP
how to link this to a specific facebook user id?
My question now is, how to cope with that behaviour when I aim to use standardised software for the OAuth/OIDC IdP? Any ideas?
Thanks in advance
Thomas
EDIT:
To clarify what is meant by "account linking": I'm not interested in the users facebook account, I want to access information of a 3rd party account (provided with my actual service) of that user.
For example a call like "How many pictures are in my tumblr account" will need the customer to link the tumblr account to this facebook messenger bot.
For comparison: this worked extremely smooth with Amazon's Alexa and Google Actions. I simply had to input the client credentials and OAuth endpoints and thats that. If the user successfully linked the 3rd party account, I get an access token with every query to my backend, as expected.
EDIT2: as pointed out by CBroe, this is not supported by Facebook. Only actually "linking" the User IDs is possible.
I have facebook app with status Live and available to all users. When I login through this app on my site I get access_token for my facebook user. And with this access_token I can read with Ads API next methods (for my own ad campaigns):
/me/adaccounts
/act_<AD_ACCOUNT_ID>/agroups
But when someone else login on my site (and confirms all permissions) and I get his/her access_token I can't perform second api call. I get this error (#10) You do not have sufficient permissions to perform this action. But I can get account ids. So, first method works, second not. How to fix this?
P.S. Status of app in App details tab is Unapproved (lightblue circle).
P.P.S. After adding that user to app's developers all is ok with second method (adcampaigns).
Your app is most likely in development Tier for Ads API Access
https://developers.facebook.com/docs/reference/ads-api/access#limits
You need to apply for higher levels
Some time its happen when you reach the limit of Marketing API Access.
https://developers.facebook.com/docs/marketing-api/access
Suppose your application have basic Marketing API Access Levels (In Basic, further test, iterate, build an app with up to 25 external accounts.) and you reach limit of ad account. When your new ad account(s) will request Facebook Ads API access then facebook send you mention error response.
To check your ad account(s) and their limit
Facebook APP -> Settings -> Advance tab -> Advertising Accounts section -> Ads Api button
https://developers.facebook.com/apps/YOUR_APP_ID/settings/advanced/