I have a Facebook page listed in Facebook NPI. I am an editor of that page. When I am trying to check the subscription/news messaging permission status programmatically using this api:
https://developers.facebook.com/docs/messenger-platform/reference/messaging-feature-review-api/?hc_location=ufi
I am getting the following permission error:
(#200) User does not have sufficient administrative permission for this action on this page. If the page business requires Two Factor Authentication, the user also needs to enable Two Factor Authentication.
But when Facebook page owner calls this API, it returns the status successfully.
Can anyone tell me why page editor is getting the permission error?
Guess that is simply considered a page management action you do not have access to using that “role”.
Roles have been replaced by Tasks by now, see https://developers.facebook.com/docs/pages/overview-1#tasks
The only difference in the tasks they can perform, between old Admin and Editor roles, was MANAGE - so I guess you will need to have a page admin approve your user account for that task on the page now first, if you want to be able to use this particular API.
Related
I am integrating facebook leads in my CRM, like I can get leads from Facebook Pages on behalf of my client's.
I am encountering this error.
To subscribe to the leadgen field, one of these permissions is needed: leads_retrieval
I have standard access for 'leads_retrival'. Advanced access can be achieved after hitting the API at least one time.
you need a token that has advanced access to leads_retrival. To get such a token, you can go to the Facebook Graph API Explorer, and then you can add permissions of leads_retrival. Permission can be added in the right middle of the tool and you can add them for testing purposes as you can see in the picture. .
Once you add the permissions, then you can click on generate access token, and a popup will open from Facebook, you have to allow a few things and then you can use that access token for hitting the API for testing purposes. Then you can apply for advanced API access.
So, I've created a Webhook with Facebook for my Ads Leads. It is working - I'm receiving the Webhook with the RTUs.
The problem is when I call the api to retrieve the data associated with the form. I'm using the leadgen_id to call the api and I'm gettin:
Unsupported get request. Object with ID '' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api
The point is: when I test it here: https://developers.facebook.com/tools/lead-ads-testing the leadgen_id that is returned works with my API calls and I can access the form data that I need.
But when I try with the leadgen_id that I receive from users registering in my ads, it returns the error message.
Any idea of how I can solve this problem?
This sounds like missing 'scopes' on the access token you are using to make the Graph API call. Generally, for webhooks you need a few scopes, these are the ones I currently have on my webhook:
pages_manage_cta, pages_show_list, ads_management, leads_retrieval, pages_read_engagement, pages_manage_metadata, pages_read_user_content, pages_manage_ads, pages_manage_engagement, public_profile
You can use the Access Token Debugger tool to see the list of scopes on your access token (https://developers.facebook.com/tools/debug/accesstoken/)
Your Graph API access token might have expired. To setup a permanent access token follow the instructions on here: Long-lasting FB access-token for server to pull FB page info
I had this same problem. I was able to get this to work by giving my System User 'Manage Page' access and 'Leads Access' in Business Manager.
Add your System User to the Page with 'Manage Page' access.
Business Manager > Business Settings > Accounts > Pages, and select the Page you are working with from the list.
Click 'Add People,' select your System User, and toggle 'Manage Page' setting.
Add your System User to Leads Access.
Business Manager > Business Settings > Integrations > Leads Access, and select the Page you are working with from the list.
Click 'Add People, and select your System User.
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
I have facebook messenger application (it is bot using MS Bot Framework, although I don't think it is relevant). It has webhook subscribed to page events. It used to work fine until few days ago, when the webhook was unsubscribed from page and when I am trying to subscribe again it tells me:
"Insufficient Permission You do not have the necessary permission for
the specified Page to perform the requested action."
I am owner and admin on both the FB page and messenger app. I created similar page and messenger app and it works there, but I still need to use this old one. I tried subscribing to other pages which I own and admin, but with same result. I also tried it with other person who is admin.
I found other people experiencing same/similar message on FB, but not in this particular case. But I haven't found any solution.
Does anyone know what could be the problem? Or have anyone experienced this issue?
Thanks in advance for any ideas.
You need to generate a token first. Under messager->Settings->Token Generation-> Select your page and you'll be prompted to give the permission. Grant all permission required, then you shall be able to subscribe or unsubscribe to pages you manage.
This process gives your application the token to validate if you have the moderator or higher rights to the page you want to subscribe to.
After spending 3 days on this. Here is the solution for this.
Go to your Facebook Profile - > Settings -> Apps
and Remove YOUR APP from there.
In Developer Dashboard Go to App Review -> Add Items
manage_pages
(This Permission Needed for Accessing page access tokens)
Add above permission for review - with any simple video of above error
Now go to Messanger-> Settings -> Token Generation
Select page from dropdown List
now it will open a popup (because you removed this app in 1st step) for app access permission , notice that now it will ask for manage pages permission
Grant those permission and create access tokens
Now try again subscribing Webhook to Pages
This Works for me.
You need to generate your page access token for this.
Go to your facebook Developer dashboard, and open the messenger tab. There, you will see this for token generation. Select your page and generate the token. Then use this token in your bot.
Page access token generation
I have an app, and I can write to user's walls with it, having requested the publish_stream permission when they sign in.
I've also created a page and a group, and would like my app to be able to write to those. (Specifically, I want my back-end server to post some updates to those periodically, without a user being involved.) The ability to do this seems to be implied by the descriptions of the /feed parts of those here https://developers.facebook.com/docs/reference/api/page/ and here https://developers.facebook.com/docs/reference/api/group/ . However, I can't seem to find a way to authorize the app to write to these pages. Those docs say it can be done if you have publish_streams and manage_pages. OK, but how do I grant those to my app?
In the user case, you request those permissions when the user signs in via the OAuth flow. However, the page and the group never sign-in, so there's no way for them to grant the app permission. I looked around the settings pages for the group and the page, and couldn't find anything that will let me add the app. So how do I give the app the required permissions to post to the group and the page?
Found it!
http://developers.facebook.com/docs/reference/api/application/
http://developers.facebook.com/docs/howtos/login/login-as-page/
"Application Page Access Tokens
To perform the following operations as an Application Page, and not the current user, you must use the Application's Page access token, not the user access token commonly used for modifying Graph API objects nor the Application access token. This access token can be retrieved by issuing an HTTP GET to /USER_ID/accounts with the manage_pages permission. This will return a list of Pages (including Application profile pages) to which the user has administrative access, along with an access_token for each Page.
Note: Applications that are configured as Native/Desktop apps will not be able to make API calls that require an application access_token."
So:
I went to http://developers.facebook.com/tools/explorer/ and, as me, created an access token with "manage_pages" permission.
I then went to https://graph.facebook.com/$myname/accounts?access_token=$accesstoken
and it gave me a list pages and apps that I had given permission to. I copied the access_token from the relevant page, and pasted that into my code, so that the server-side create event code always used that access token.
And it worked!