We have software running where users can post on their personal timeline as well on their company pages (administrator). Over 400 users use this feature on a daily base. Works perfect.
However...
There is 1 users that only can post on his personal timeline and not on his company page.
This is the API log response when we try to retrieve the listed company pages:
Viewer don't have permission to the ADMIN_ONLY VisibilityReduction for urn:li:organization:5xxxxx
We already verified that this user is an administrator for this company page.
Question:
Since the other administrator (for the same company page) can successfully post on this company page we can rule out that there is an issue with the company page itself. It rather seems some kind of a setting for this particular person.
Someone an idea what this setting might be?
Related
This is the weirdest.
I created a Facebook Page back in 2011, and I have Admin permissions. So far so good.
Few years ago (before Business Manager existed) I started running ads, and somehow, the page became a "Business" and took ownership of itself. When I open "Page Roles" where it says Owner shows the username of the page instead of my name.
Recently I started a Business Manager account and when I try to import my page, it says "A Page admin needs to approve your request for access.". I am lost on where that request is being sent. It's not in my email and not in the "Page Roles" section, like the Facebook doc says.
I am double sure the Owner of the page is the page itself, because the Business Manager gave me the ID of the "Business" that has to approve my request... and is the ID of my Facebook Page.
I've been searching the internet for days looking for an answer, but no luck. Also, I am trying to reach Facebook Support, but although I am a paying customer seems to be disabled for my account.
Any ideas on what the heck is going on, how to solve it or how to contact Facebook support?
I really need and appreciate some help here!
In 2015 I had an issue with my page (I also ran ads) and contacted gms-emea#fb.com (Facebook Global Marketing Solutions - EMEA). They replied within a week. I don't remember where I found this information, I just looked up my sent mails for you.
EMEA is probably for Europe and Middle East, but you can try anyway. They will probably redirect you to the correct support for your region.
Good luck with your issue!
Till today there have been methods to get to Facebook User Page by user id. I mean ID, that facebook API returns to our app: https://graph.facebook.com/10152384781676191?fields=link
{
"link": "https://www.facebook.com/app_scoped_user_id/10152384781676191/",
"id": "10152384781676191"
}
But none of the methods works any more:
https://www.facebook.com/app_scoped_user_id/10152384781676191 - does not work
https://facebook.com/profile.php?id=10152384781676191 - does not work
https://facebook.com/10152384781676191 - does not work
UPDATE: It seems the following happened: according to TechCrunch, malicious sites pulled data form public user profiles.
After TechCrunch article Facebook immediately blocked the URLs that Graph API returns: graph.facebook.com/v2.11/{user-id}/?fields=link&access_token={access-token} . They "...are working on instituting additional authentication and rate limiting...".
Any 1) quick workarounds and/or 2) permanent solution?
Facebook banned the link property in their Graph API intentionally. Now they propose to fill out a from in order to review each case individually.
The form: https://go.fb.com/2018-FB4D-platform-review-form.html
News update from April 20th: Facebook Login Changes to Address Abuse
It came to our attention yesterday that some third-party tracking scripts on websites were directly accessing Facebook public profiles. While investigating this issue, we have taken immediate action by:
Disabling the ability to resolve the app-scoped user ID (ASID) returned by Facebook Login to a Facebook profile page, even for logged-in users.
Instituting rate limiting of profile picture requests, to further prevent any third parties from trying to link people's activity across different websites using the application-specific identifiers issued by Facebook Login.
We don’t take breaking changes lightly, but we believe that these updates will help protect people’s privacy and increase trust across the ecosystem. If you have an urgent issue in need of resolution, please fill out this form and someone from our team will get in touch with you.
Thank you for your patience while we work to resolve this issue as soon as possible.
I have a facebook user who is the owner of the company I work for. He has a single Facebook page, which is the "company page" on Facebook. He created a FB "app" with permissions "manage_pages" and "publish_actions". So the FB api can post to his FB Page, on his behalf, as the app.
Inside the company, we have a few hundred people that use an intranet-based software app. When the users engage in a certain function in the software, the code uses the Facebook API to post a message to the public company page using an access token of the FB account of the company owner. This system works great, but the app is not yet approved, so no one can actually see the posts on the FB page except the company owner.
The software is only available inside the company building, it's not reachable via the Internet. There would be serious intellectual property concerns with allowing an anonymous facebook employee into it. There would be security concerns about making this all public on the web. So I have to presume that FB will not be able to see the backend here - where the posts are created.
So because of this, I've run into problems getting the app reviewed because I have no way to let Facebook reviewers actually see the software where the user creates the post, as they requested.
Is this considered a non-starter setup by FB, or does FB have any contingency for this situation? Or do they expect every FB app to be used in a completely public environment? I'm just thinking surely I'm not the only person trying to use a FB app to post to a company page from a publicly-inaccessible place inside that company?
Thanks!
This was the answer to the problem, thank you CBroe: It is not a matter of approval that makes the app's postings viewable by everybody, but simply of the app still being in development mode.
The actual Facebook gui in the app dashboard doesn't say "development mode" on/off like it used to. It now says "do you want to make this app live to the public". I selected "yes" which made the app's postings viewable by everybody.
In my case, the original confusion stemmed from the fact that we didn't want to make the app live to the public, we only want our one company owner to use the app - so we naturally did not change that setting to "live".
How can I get a list of company pages that the currently authenticated user has permission to post to?
I have a user that has already been authenticated and authorized in my application but for the life of me, I can't figure out how to get the company pages he can post to, so that he can share updates to his pages from within my application.
I am not interested in which companies the user worked for, just the company pages he can post to.
I can see in the docs how to post to a company page after I get its ID but my problem is getting the ID.
Can anyone point me in the right direction, please?
As is usual in these things, after hours of searching and ending up posting a question on SO, I found the answer - and in another SO question: How to fetch admin profile details of a company page using Company API - Linkedin
A list of all the companies the user is admin for can be obtained here: https://api.linkedin.com/v1/companies?is-company-admin=true
This is actually mentioned in the API docs but I didn't pay much attention to that page because I assumed it was all dealing with getting information about pages for which you already had the ID. Assumption - still the mother of all f$%& ups.
I'm working on a Facebook app that requires a few basic permissions (email, birthday, etc) as well as publish_actions (so I can create stories about user interaction).
When I ask for these permissions, the end user is presented with one screen for the basic permissions and yet another for the publish_actions permission.
However, when I looked at the following app from Amazon:
http://www.amazon.co.uk/gp/socialmedia/promotions/SprngSweep
When I click on the enter button, I am redirected to Facebook to ask for permissions (as expected), however, they have all their permissions one page (Amazon would like to access your public profile, friend list, email address, birthday, photos, videos, personal description, likes and your friends' birthdays and likes. Amazon would like to post on your behalf. Amazon would like to access your data at any time.)
I can't add a picture due to lack of rep
The url that I'm redirect to is this:
https://www.facebook.com/dialog/oauth?client_id=164734381262&redirect_uri=https%3A%2F%2Fwww.amazon.co.uk%2Fgp%2Fsocialmedia%2Ffbr%2Fconnect-handler.html%2Fref%3Dfbr_hn_SprngSweep%3Fie%3DUTF8%26appName%3DAmazon%26externalApp%3DKindle%26onSuccess%3D%252Fgp%252Fsocialmedia%252Fpromotions%252FSprngSweep%253Fie%253DUTF8%2526sm-sweeps_submit%253D1%2526sm-sweeps_submit.x%253D66%2526sm-sweeps_submit.y%253D20%2526sweepsConnect%253D1%2526sweepsEligibility%253D1%26ref%3DSprngSweep%26token%3D6CBF36BD25311891B2F205333EFA3AA78E561AB9&scope=
While attempting to investigate this myself, I noticed that they aren't even passing a value for scope in the url.
How the hell are they doing this?
Most likely they are using an old API (FB changed the behavior over there recently, read their blogs please) or they are using hidden features which FB created for them (as this has an impact on there advertising revenue obviously, and even these guys are "coin operated").
The "two pager" is normal, FB API and FB advertising API quit the same. I wouldn't worry.