Now, My Facebook Login API has been restrict with the following message from Facebook:
Your app is violating the following Platform Terms or Developer
Policies: Developer Policy 1.2: Build an app that is stable and easily
navigable.Some common violations of this policy include:
Broken Facebook integration (e.g. broken share, like or comment functionality)
Broken user experience in the app (e.g. app has broken links or user interface failures)
I still have no clue what I have done wrong on my Facebook API though.
How can I make a change on Facebook API to solve this kind of problem that causes Facebook to restrict by Facebook Login API.
That may be due to the following reason:
Facebook periodically reviews the websites and applications which are
on it. Your application is in its review process currently. We are
required to test the Facebook login functionality in order to conclude
the review in totality. However, we are unable to do so.
Unfortunately, we have not been able to locate a Facebook integration
(Login, Share, and Like) on your submitted platform. To help us
conclude the review process, could you kindly share the details
regarding the location of a Facebook integration and how to navigate
to it on your website URL.
This review is essential to Facebook as we want to offer the best
experience to users as well as developers like yourself. Please help
us in bringing your application into compliance by working with us.
Alternatively, you could aid us by sending us credentials of a test
user who is already registered and connected to an FB account within
the app. You can get all the information related to creating a test
user here - https://developers.facebook.com/docs/apps/test-users.
Most people get this response in further detail. You can check the Facebook button on the given URL in the Facebook app.
If Facebook button URL is different and the URL mentioned in the Facebook app is different then you should reply to them and explain it.
Related
I've written a Python script to pull performance metrics data from the Facebook Graph API for a connected Instagram Business account. It's a script which runs locally and uses my account's credentials.
I've submitted an App Review selecting "No" and "App doesn't use the Facebook Login dialog." for the "Is a Facebook reviewer able to access or login to your app to verify you're using permissions or features according to Facebook Platform Policy?" and "Why isn't a Facebook reviewer able to access or install your app? Select the option(s) that best describe the functionality of your integration." questions.
However, it's been rejected with the following reason given:
"We found that your app's test credentials did not allow us to fully review the content of the app or there were no test credentials provided for us to review. If your test credentials do allow access, check that the account is setup properly to provide us with full access and to allow us to reproduce the use case steps."
I followed the steps from the Server-to-Server App Sample Submission. I've explained why each permission is required and uploaded a screencast of accessing the relevant endpoints.
Is there something I'm missing?
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
I am not able to get webhook calls when another user post a comment (with mentions) on another/my media.
Just for testing purposes I set up a ngrok server for my webhook endpoint, which always answers with a 200 and handles the verfication. Before the heavy coding I just wanted to see if the webhook workflow for Instagram is generally working.
I created a Facebook app, an Instagram business account, a Facebook page and linked the page with the Instagram business account. With the information at Webhooks for Instagram I created a page access token with the Graph API Explorer. When I debug the token with the Access Token Debugger, everything looks fine. All needed permissions like manage_pages, pages_show_list, instagram_basic, instagram_manage_comments, instagram_manage_insights, public_profile are there. With the page access token I am able to fetch all informations regarding my linked Instagram business account via the Graph API Explorer.
Also the Instagram product was automatically added to my Facebook app. Test requests, which where send via the app dashboard (Webhooks product), will be received by my ngrok server. But any type of mentions or comments from another or my Instagram account (business or not) on my or other medias will not be received. What am I doing wrong? Do I have to send those comments/mentions from a specific account, since the app is in development mode and there roles in the app?
After speaking with the Facebook support, my confusion has been resolved.
The problem is that the Webhook for the Instagram product does not work without a verified app review. I had been wondering how to record a screencast with my running solution, without running webhooks... Above all, I had wondered why the webhooks in dev mode worked for the product messenger but not for instagram (or others). Apparently, the app review is not about the technical implementation but rather about checking that the implementation complies with the facebook guidelines. Therefor I want to quote the Facebook support:
Messenger does allow page owners and app admins to receive webhooks for their implementations in devmode and is by design. However, this is not the same for instagram or pages. This is just how the product teams have decided to implement it. For app review, you can show a mock process of the flow, using either the test webhook or your own process. The app review is less about technical implementation steps, but just a way to make sure that your app is going to use the permission in a way that follows our guidelines, so mocking the procedure should be fine. The reviewers understand that you do not receive webhooks in dev mode and should take this into consideration.
Consequently, I will now have to submit an app review and for that I have to imitate the webhook.
I'm building an internal app for a client of mine (an ad agency) who wants to do ad performance reporting for about 30 of their clients. Part of this project is to pull down performance metrics from Facebook Ads for these 30 clients.
I've created a Facebook App and got a development token. With this token, I've been able to get the technical part of the project working -- I can pull down the metrics just fine using Facebook's Marketing API.
My question is about authorization and authentication. I'm thoroughly confused by Facebook's mechanisms for this.
What do I need to do to get access to Marketing API metrics for these 30 clients?
Do I need to publish a Facebook App? If so, do I need to go through the approval process? This seems kind of crazy because Facebook wants a login so they can test things out, but the product is strictly internal so there's really nothing they can log in and see.
I guess another question is: Is there another way I can get access to these 30 clients? With Google Adwords, it was easy. I just used oauth and am granted access as needed. Is there a simple way like that with the Facebook Marketing API?
You need to submit your app for review, if you want to be able to ask all users for the permission.
If your app is used by a limited number of people only, that you can add to a role in the app - then they can be asked for all permissions, even without review. This is mainly for testing purposes, but Facebook has it documented as a kind of “loophole” for apps that are only used by a limited user base. https://developers.facebook.com/docs/apps/faq#faq_180362122361921
I have a headless Facebook app that we've been running for 4 years. It is a bit unique in that, a) it has no user display b) it isn't available on the public internet it is hidden behind firewalls.
I use the standard Facebook Login Page during configuration of our app merely to get a permanent access token and authorize permissions. The only permissions I need are publish_actions, publish_pages and manage_pages.
I've tried to submit the approval form for this app to Facebook and get complete rejection because I haven't provided screen shots of what they see when they log into the app. I can't do that because as I said, it's headless and not available on the public internet. The response I get from the reviewers is completely canned with no thought on their part as to the restrictions of my app.
Does anyone know what I can do to get this app approved? As I mentioned, we've had this app on Facebook for 4 years prior to April 30, 2015. Is there someone I can talk to at Facebook? I've tried to explain the situation in the submission form, but obviously that didn't work.