I'm building an app which acts as a simplified layer of the Facebook Ads manager. It can create ads trough the Facebook marketing api.
There are also other services such as adespresso or manychat which offer such a service.
Now I'm wondering about the following: when a user in my app authenticates, I get a short-lives user-access-token. As far as I understand the documentation, there is no way of refreshing this token. The user would need to login again.
When I look at the above mentioned apps however, I stay authenticated. I don't have to re-authenticate each time I'm using the app. So does anyone have a suggestion of how to do it like them?
Related
I'm trying to create an app with the new Graph API for instagram business accounts.
I am following the documentation here
It says after adding Facebook login, I need to submit the app for review to be able to use the api, and I need to create a screencast on how the app will be used.
Am I looking at the wrong documentation? How am I suppose to create the app without being able to pull any data from the API?
Is there no sandbox mode until the app is developed that I can use?
Do I have to create an app using the Instagram API first to be able to request permissions to use it?
While I haven’t had any experience in Instagram apps, I do have a bit of Graph API experience with Facebook
While in development (a switch at the top of the App Dashboard), any developers and administrators can test the app using any and all permissions. To make the app public however you need to submit for review.
The new instagram graph API is an extension of the existing Facebook API.
So you can make requests on the new API by have a facebook login on your app, then requesting access for the users pages and the users instagram data.
Once you are able to access their pages data you can submit a get request and fetch ?fields=instagram_business_account
once you get the instagram accounts ID, you can make requests on it following this documentation
In development you can only access your own pages, once you build using your own data then you can submit your app for permissions, and finally you can submit your app for review.
I'm developing a mobile API and I would like to allow mobile users to log in to my mobile application using their Facebook account.
I've been struggling to find some detailed information regarding this request. Could someone point me in the right direction? I'm using the following Laravel package for OAuth2:
https://github.com/lucadegasperi/oauth2-server-laravel
As I understand, the user clicks the "Login with Facebook" button and then proceeds to authentication. Facebook provides the access token as a result. But how does a user account appear on our server? And to my knowledge, it is our server that should provide an access token which is tied to the user account on our database. Could someone clear this up?
Have you looked at the Facebook mobile sdk guides?
iOS: https://developers.facebook.com/docs/ios
Andriod: https://developers.facebook.com/docs/android/
The package you mention looks like it performs oAuth authentication, and I don't think you need that. If I understand correctly, you should be able to use the Facebook sdk to perform the authentication and tell your app that the user is authenticated. You will have to create a user account for them (for example, add a record to the users table in your database) and store their Facebook ID.
Does anyone know of a way to use social logins without having to create an account with a social media website? For Example, I want to use Facebook's Login on my website, but I do not want to create a Facebook account nor an app just to use their login.
Far as I know it pretty much requires (facebook) an App to be created (on developer site for facebook) in order to utilized services with a website.
Unfortunately, in order to maintain a safe development environment, and to prevent the creation of spam apps, it is required that Facebook manage its developer users. This is to allow them to block apps that act maliciously, and to allow permissions to be managed on their server for the app access token. For a more detailed answer, I'll refer you to one on StackOverflow by Lix.
The existing website uses Facebook OAuth for login. The plan is that soon that certain events on the site will be posted to the user's timeline. The "userA watched xxx" kind of thing.
We're also at the stage of starting an iPhone app to connect to the website's data API. If the user has authenticated to the website with the mobile app using the facebook login:
would the mobile app need access to the Facebook oauth keys? I'm guess not, as the user would do something, and the website would have the credentials stored to post to facebook, but I'm not sure.
would there in fact be 2 apps, one that is facebook based and one that is not?
Apologies if this is really basic information I'm asking, but I've not developed Facebook apps previously and the information I look at isn't always clear.
In my apps, I code two authentication flows, one for facebook users, and one for users without facebook (this is the typical, create your account, and subsequently login with your username and password). So one app, two login flows.
Regarding the app accessing the Facebook oauth keys, if you are coding with the Facebook iOS SDK, you won't even need to worry about the oauth key itself, as it's totally encapsulated by the SDK. You'll simply invoke methods to trigger authentication, and then once the user is authenticated, you can call other methods to invoke certain aspects of SDK/API.
The Facebook iOS SDK supports all the functionality you'll need to make the posts directly from the app itself. You won't need to make an API call to your server, to then make a second call to the Facebook API. Just handle all that from the app directly. So if your app does depend on a successful API call to your server, prior to posting to Facebook, make that API call, wait for the response (that either includes additional data, or a success:true flag), and then make the post to the Facebook via the Facebook iOS SDK.
The Facebook iOS SDK docs are AWESOME these days, and the code samples are even better. Check them out at:
http://developers.facebook.com/ios/
Suppose that I make an app that is using Facebook login (basically for dealing with who is who). Is it possible that the app to fetch the user's history from Foursquare if it get the user's permission? (The user uses Facebook's login on Foursquare as well)
No. You need to go through each authorization flow separately. First, the user grant your application access by going to Facebook and coming back with an access token (or authorization code you later exchange). Then you need to send them over to Foursquare to approve access again. Foursquare might need to authenticate them via Facebook but that's really not your concern (and should be transparent if they have an active Facebook session). Foursquare will issue you another access token for their API.
There are discussions in the community about the use case of allowing your application to pass the Facebook access token to Foursquare so they can validate the user identity with Facebook and then issue you an access token. However, there are many issues with that. By not directly interacting with the user, Foursquare has no way of knowing that the user wants to give one application access to their data stored on another application.