I'm writing an app which requires me to have the user's date of birth so I can calculate their age. I'm using Facebook to authenticate the user, but I can't get access to the user_birthday permission on the GraphAPI unless I actually submit the app.
How can I get around this? The app is only in development at the moment, and I won't actually be able to finish it unless I can get access to the user_birthday property?
I believe I can get age ranges, but that's no use to me at all. I'm developing the app alone, and using only facebook accounts that I own, so no security risk at all.
Is there another way I can approach getting this permission? Or perhaps a workaround for development purposes? Am I missing something?
(app is being written in Flutter, and using a Firebase backend).
After hours of messing about, it seems I've found the answer. This is pretty ambiguous in the FB documentation, but it seems you have to request access to user_birthday in the initial login permissions, followed by just birthday in your GraphAPI request.
Related
We are building a mobile app on behalf of a corporation and the API needs to be able to return the corporation's Instagram feed. We have found that implementing what should be a simple requirement incredibly difficult.
We need to retrieve the following Instagram post data from the corporation's feed:
image url
caption
url to post
timestamp
With this in mind we identified that we need to use the Instagram Graph API which means there are strict requirements around permissions.
Note: We are open to using any method that returns us the required data.
Using the Instagram Graph API we need to use the following endpoints:
Media (to get a list of the latest IG Media objects for a user)
IG Media to get detail about each media object
This works fine but the problem lies with getting a long-lived User Access Token. To get this kind of token we need the instagram_graph_user_media permission. The Long-Lived Access Tokens documentation says:
Long-lived tokens are valid for 60 days and can be refreshed as long as they are at least 24 hours old but have not expired, and the app user has granted your app the instagram_graph_user_profile permission.
How can the app user (the corporation) grant the app the permission? As I mentioned this is for an app on behalf of a corporation.
Any help here would be really appreciated!
Thanks
Did you go through the App review process in Facebook? Whenever there are user permissions involved, you need to go through the App review process for your app. Even though you don't use user permissions, some user permissions are pre-requisites for some business permissions.
Read the article here for more information: https://developers.facebook.com/docs/app-review
Unsure if this will be of any help, but battling exactly the same thing today came across this and it made for some intresting reading https://solrevdev.com/2020/05/28/instagram-basic-display-api.html
I have written a Python script that makes some statistics for me and a couple of friends based on our posts and comments in them. I've been using it by getting a temporary token in Graph Explorer and copying it to the script before running it. So far I've been able to access friends' posts with API 1.0 (and for some time with 2.0, I assume that was a bug) but now the 1.0 API is getting closed and I'm running into an issue - while some of the /post requests are still accessible to me, many return an "Unsupported get request" error. I can only assume that I can't access these anymore unless I'm using their User Access Token.
I'm not sure what I can do now:
ask them to use Graph Explorer to provide me a temporary token. It works, is pretty secure with default permissions but I would have to do it every time I wanted to update the data.
make some sort of dummy app that they will log into once. I don't know if that violates any rules and if it will be removed immidetaly, I hope not. But I have no idea how to extract the user access token out of the app so I can use it in the script.
What's the "correct" way of doing this?
If the App is only for a specific group of people, it should be no problem. Just add your friends as Tester in the App so they can authorize it with the read_stream permission. Else you would need to go through a review process, and Facebook usually does not approve read_stream.
You don´t really need to handle the Access Token, just use the JavaScript SDK and read the stream of your friends whenever they visit your App.
Btw, you can get the Access Token in the callback response of FB.login. But it will only be valid for 2 hours, you can extend it to 60 days though. More information about extending Access Tokens: https://developers.facebook.com/docs/facebook-login/access-tokens
Easy solution: Create an entry page where your friends (who are Testers in the App) can authorize with read_stream. Right after authorization or refreshing the Token with FB.getLoginStatus, read their posts and store them.
Here´s some code to get you started on that entry page: http://www.devils-heaven.com/facebook-javascript-sdk-login/
...of course you can also just let your friends generated the Access Token manually. Information about that can be found in the Facebook docs (see Link above) or (for example) here: http://www.devils-heaven.com/facebook-access-tokens/ - they can then give you the Token, it will be valid for 60 days if it´s an extended one, or only 2 hours if it´s a default User Token.
I'm in the early stages of building a complex application that will tie into Facebook to customize a story using a Facebook user's personal information. I've successfully been able to request basic permissions, grab their name, and include it in the story.
I'm at the point now where I'd like to include some of the user's photos as well, but I'm running into problems with permissions. When I try to get an access_token using user_photos, I'm told that:
"The following permissions have not been approved for use and will not be shown to people using [APPNAME]: user_photos. Submit them for review or learn more."
If I have a look at my Facebook app settings page, I'm told the approval process can take up to 7 days and requires screenshots, and instructions how a reviewer can test my implementation of the desired permissions.
I don't understand how this is supposed to work. It seems like a chicken and egg situation. How can I build my application if I don't have permission to access any photos through the API? How can they test and determine if they want to give me permissions if I can't build the app they need to test?
Is there some testing or development mode I'm missing? Is there a test user I can use? I've tried creating a testing/development version of the application and granting permissions with an admin user, and still no dice.
Thanks for any help.
That is just a warning. You can always ask any user that have a role on the app for any permission
Good morning all,
I've got a Facebook application that my customers use as part of our service which with their permission posts content onto their companies page.
It works fine with my account to my company page wall but all my customers are getting an 403 error. I've checked their access tokens and it's not working with much luck.
I've Google around and I'm wondering if my application has been blacklisted or whether it's had a restriction placed on it. We used to utilise offline_access and we didn't realise there was a change to Facebook's policies for a while after this change came into existence. We've since updated our application to require our customers to revalidate their access tokens every month.
Our application is called "Testimonial Monkey" (Id: 155266164542877)
Thanks for your help
Sam
Try to check if you have enough authority to execute an API in / user-id/permissions.
Otherwise you need to get additional permissions for your application.
a link
Hope that help
I've been trying to figure out a way to have my iframe Facebook app (built in PHP) work without requiring separate authentication methods. I am already logged into Facebook, but for some reason I still see all these Oauth notices from the example in the PHP SDK.
The only data I need is publicly available even without them "adding" my app. I am looking to collect their Facebook ID (since this is a contest, we need a unique ID for tracking), their name and (optionally) their email address as well.
The problem is, I cannot use the API to fetch the public information unless I already know their Facebook username. Any ideas on how I might be able to get their logged-in username or public handle so I can then fetch the rest of the information?
For whatever reason, Oauth is driving me completely insane with Facebook today.
Sidenote:
I did manage to technically get the Javascript SDK operational, which fed some information to PHP for use. The only issue there is that once I login, I don't see the data. If I refresh...then it shows up. Unsure why the refresh is required, as I wouldn't expect a user to actually have to hit refresh in order to proceed with the app.
I guess you are a bit confused here, Facebook will NOT share the username, id, full name or email without the user explicitly authorizing/allowing your application (and in the case of the email, requesting the email permission!).
Read the official Canvas Tutorial for more information:
In order to gain access to all the user information available to your
app by default (like the user's Facebook ID), the user must authorize
your app.