I’m trying to automate creation of ad accounts for my own business, and then upload custom audiences into these ad accounts. I wish to do this using a system user.
I have written some scripts to automate this process, but I am unsure how to receive the appropriate permissions from Facebook as I can not create a screencast, as my scripts has no UI. It’s just a collection of scripts.
Some research has a said that if apps only talk to a small number of accounts, you can just leave apps in dev mode to avoid going through app review, but I don’t think that’s possible in this case for the following reasons.
When my app is in dev mode, and I try to POST to https://graph.facebook.com/v7.0/<my-business-id>/adaccount to create a new ad account in my business, I get the error: "(#270) Development access is not allowed to access business API post:Business/adaccount.” OK. So my app has to be live for me to use this end point. If I set my app to Live, and then try to hit this end point, I get this error "(#294) Managing advertisements requires an access token with the extended permission for ads_management”
Then, looking at the permissions screen in my app, it appears I need to submit an app review with a screencast to be able to use the ads_management permission.
Additionally, if I want to use a system user, I can only approve permissions that have been approved by the app review process.
Given that my app has no UI (and nothing to screencast) how should I proceed? Or am I missing a way to do this without going through the app review process?
Facebook as provided instructions on how to submit those kinds of apps here, https://developers.facebook.com/docs/apps/review/server-to-server-apps:
If your app has no user interface because it exchanges data directly with our APIs, refer to this guide when configuring your app's Basic Settings, and when completing App Review.
Related
We're trying to use the Facebook Marketing API ads_management permission. We want to use the permission to allow our clients to push the media that was created for them on our app to their personal ad manager
Based on their allowed usage, it sounds like we're utilising this correctly but every app review is being rejected with a fairly generic
Your screencast doesn't show how the use of this permission directly improves the user experience in your app. Unfortunately, we also weren't able to determine this from testing your app manually.
For the first point - our screencast shows a brand/client navigating our app to where all their media lies - connect their facebook account - select the media and then push to the ad manager
This gives us the correct response as long as we use their sandbox environment on the Marketing API
On the second point Unfortunately, we also weren't able to determine this from testing your app manually
We provide test credentials for them to login into our application and go through the exact steps demonstrated in the screencast.
I know these reviews have been giving a number of developers issues but would love to hear if we're missing something really basic in our use because the usecase is really straightforward and not really sure how else to demonstrate it
Thanks
I am trying to set up a new Facebook App that is used to pull in the latest post from a public page into another website. I successfully did this a few months ago, but since the GDPR law has come into effect, Facebook's process of creating new apps has become much stricter, requiring them to go through App Review before allowing access to the Pages API product.
However to go through the App Review process, I need to provide step by step instructions and a screencast of the app in action. This isn't an app in the traditional sense, and how am I meant to show the app in action when I can't get it working without it being reviewed!?
The docs mention that "While testing and before submitting for review, your app may only access content that is available on a Page that you, as an app admin, developer, or tester, administer. If the app wants to access public content on other Pages, you must submit this feature for review" - does this mean that I do not to go through App Review if the Developer Account has access to administer the page in question?
To answer your question directly, if your app will only be loading data from pages that you admin, you don't need review/approval to use that API
That said, if you're making this app to fetch posts from someone else's page it will need approval, and if it's a simple background script i'm not sure how you can have it reviewed - the process is focussed on page management tools used by multiple users rather than once-off scripts
So we've developed a Facebook App (and similar apps on Twitter and Instagram) that allow users to post and read content using an external system. We'll sell this integration directly to our clients, so it's a private application.
Basically the user will see a very simple page with a button "Log in to Facebook" and a disclaimer regarding the authorization (we'll use some query params fixed in the url, depending on the client). The client authorize us and we capture the access tokens.
To submit the app review, though, we have to explicitly give a test user to the reviewers, but that's not really possible because the real "action" happens within the integrated systems, NOT within the app itself. And those systems are not public (they shouldn't be).
So just to be clear: our app is basically a very simple "Facebook login" that we use to get tokens, generated by specific clients authorization. It's not going to be published anywhere.
Until we have around 5 to 10 clients we can add the specific users in our app as Testers/Admins/etc, but what if we scale up? Say we have 20 clients. How are we supposed to get our app to be "live"?
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
(btw I'm asking this because our app review was rejected twice and I want to make sure I'm submitting everything they ask this time).
Thanks :)
I think the Login Review FAQ answers most of your questions. The key point:
Our review team will actually test how your app uses each permission on every platform you have listed in the settings section of your app.... You'll need to explain exactly how to test each permission or feature in your app so that we can make sure it works and follows our policies. We can't approve your app if we can't fully test how it integrates with Facebook.
In other words, it's not enough to just allow them to log in to your app, you have to expose all Facebook-related features to the reviewer.
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
Yes, though I'm not sure what you mean by "open them to the internet". You should be able to create a test user on your local system and link that account to a test Facebook user. Then you can have the Facebook reviewer use that test account for their review. (From the FAQ: "In the Items in Review section, you'll see a Test User (optional) section that allows you to type the name of the user you wish to be used in your review.")
I created an fb application which uses the following permissions: manage_pages,publish_pages, and read_insights.
The main purpose of the application is to give to the authenticated user reports and statics about the popularity of his own fb page.
I noticed that I can't use those permissions until I submit the app for review.
In the facebook developer account, I noticed that for each of the above permissions I have to complete some notes:
1. How a person logs in with Facebook
2. How a person sees the permission used in your app.
Also they want me to upload a video to show them that I use the permission correctly.
The problem is that I'm not sure what should the video contain in order to clarify the point 1 and 2.
Right now my application is only doing the authentication phase (signup), and in the next release we are going to create and display analytics for each user who joined the platform.
I would be grateful, If you could give me some suggestions regarding what facebook would like to know in order to approve the permissions.
Thanks,
Your App needs to be working before you can send it in for review. Meaning, you need to have at least a working prototype. For development, you do not need to go through the review process, every permission works for everyone with a role in the App without review.
In other words, you can´t go through review with permissions you don´t even use right now.
I have a Facebook app which is currently live, but would like to add additional functionality which involves requesting additional permissions (mainly publish_actions). The new permissions, due to Facebook policy, need to be reviewed by their team before they can be used live.
Is it possible to use one app for this? Is there a way (and is it acceptable by Facebook) to lead the user down a different flow if they are a tester, rather than a user during the review process?
I've also looked into the possibility of a test app, but I'm not sure if it's possible to flag that the app to review is a test version, which would then be approved on the live app. Facebook's FAQ seems to suggest this is not possible.
I'm not marking this as a definite answer, as it's a bit hacky and I have no confirmation that this will work until the review process has been completed. However, you can use the FB API to determine whether the user viewing the app is a specified test account or not by adding conditionals based on the user ID. It will also help if you make the test account an automatic user of the app on user creation.
For example, if you want to include new functionality, check if the user ID is a specific test account ID or not. If it is, display it. If not, display something else.