Premise:
After solving the mystery of the permanent token access, I have been able to post on my Readerly.Ink page from my app.
Problem:
My app, however, is supposed to post on multiple pages, depending on the language of the content. Hence, I today created the other pages (Readerly - Italiano, Readerly - English etc) but I cannot see them through the app!
Even if i GET /me/accounts, the original/first Readerly.Ink page is all I see. I also tried: /new-page-id?fields=access_token&access_token=your-user-access-token (as per instructions of the Pages API) - but I get an error! :-(
Question:
How do I add the new pages to the app?
Or do I need to create a different app for each page?
As far as I can tell, I created the new pages exactly as I created the first one (I'm the admin) and I added them all to my business account.
Please advise. Thanks
Or do I need to create a different app for each page?
No, you don't need to do that. An app is still able to manage multiple pages.
It used to be that you just granted an app access to manage all pages you have admin access to. But since that is obviously a bit broad and risky, Facebook has since changed things - users can specify which of their pages they actually want an app to have access to.
You get asked for that on the login dialog, when the permission is initially requested - but that list does not auto-update later to include any pages you created after that happened.
Currently, there does not seem to be any more practical procedure to get the new pages included, than removing the granted permission, and then asking for it again - upon which the user will be asked to chose which of their current set of pages they want to grant access to again.
For a quick fix, you can use Graph API Explorer - use the "get token" functionality, remove the granted manage_pages permission, and then ask for it again.
For a public facing app that has other people manage their own pages, probably such a step should be implemented within the app - remove the permission via API when necessary, then send them through the login flow again. (Might need to use the reauthenticate parameter at this point.)
Related
(I'm aware of this question, but it's outdated to the point of no longer working, so asking again.)
With the Facebook API it used to be that all profile pictures were considered public, and you could get one for anyone without any access tokens like this:
https://graph.facebook.com/4/picture
Now in 2020 it seems that it only works for public images like Zuck there. I have a tool for Facebook page admins that shows a list of people who liked page posts, but when I try to show user pictures in the list they all now come up blank because "This object does not exist or does not support this action".
The docs now say "This document refers to a feature that was removed after Graph API v3.2". But I could not find any more information about this deprecation. Is it now just impossible to show the picture of a user without having a user access token, or has the way to call it just changed?
The feature has not been removed, but now for users that don't have their profiles set as public, you need to provide an access token.
For instance suppose you use the Page API to list all the people who commented on a post. Previously you could show the profile pics of commenters by just linking to https://graph.facebook.com/<UID>/picture. However now you need an access token for that Page, and to then access the pic as https://graph.facebook.com/<UID>/picture?access_token=<TOKEN HERE>.
I have not tested this with apps, but I would assume that also to get the profile pics of app users based on their app-scoped UID, you'd need to include an access token there as well.
Im pretty confused with how i need to approach this issue.
I have a website using a 3rd party app which allowed the admin user to login, type in some content which then appeared on his site aswell as publishing to his FB page. All was working until FB changed their procedures last year (believe it was using the Graph API). Unfortunately the 3rd party no longer support this app so i am trying to see if i can resolve.
The application as far as i can tell uses 3 permissions,
manage_pages, publish_actions, publish_pages
Some threads indicate, i need to complete an App Review which once authorised would get everything working as it should. This is in process to save me some time.
Other threads indicate, public_actions is deprecated and cant be used any futher. If i go to FB help pages (https://developers.facebook.com/docs/facebook-login/permissions/#reference-publish_actions) it doesnt list it. In which case i feel this app would therefore no longer work until i fix this AFTER having the app reviewed and accepted?
Can anyone advise which is true and if #2, what do i need to do to get publish_actions to working in this scenario?
Is it possible to have this working in a test enviroment as theres too many variables for me to tackle here i.e. FB state unless the site is https it wont work, app review etc
publish_actions does not exist any more, it has been removed.
Posting to user profiles via API is therefor not possible any more.
To post to a page you are an admin of you don’t need that one to begin with though, the appropriate permission for that is publish_pages, and that still exists.
We have created a Facebook application that is restricted to US only, using the Graph API location restriction method (https://developers.facebook.com/blog/post/574/).
This application has then been added to a Facebook page. However, it appears that admins of the page are still able to see the application, regardless of their location.
So our question is: would it be possible to disallow access to admins of the page if they are outside of the US?
Just to make sure, is it admins, or just because you are the owner of the app.
I have no experience with the restriction functionality but if the above still proves that page admins can view it, then it looks like page admin's can still view it. But there are some other steps you can apply considering people can easily fake location on Facebook anyway.
IP Location
Download GeoIP (free IP address database) and you can lock people out of your app that way as well.
Graph API
Connect to the graph API with their user Id, manually get their location and block based on that.
Or you can use a combination of all of the above.
This is completely intentional - page admins will always see the tabs on their page - there's no way to hide content on a page from the admins of that page.
Broadly, there should be no way to hide content from users who are responsible for that content
the question is in the title.
I have been assigned to find out if the following is possible:
I create a group on Facebook. Selected people become members.
On a external website, I want to display all group members with their basic info - picture, name, link to public profile.
I have skimmed the Facebook Dev pages, and so far it seems to me that this is not possible simply with Social Plugins. Do I have to write some sort of App for Facebook? It came to my mind, that there should probably some permission from the group members to display them, is that right? But this probably does only work with an App, not a group. So do I have to create an App and use the Graph API to include the data on the website?
Yes, you will have to create an app. The facepile plugin will show faces, but I do not believe you can target a group with it.
It should be a reasonably straightforward app to create: you will need the user_group permission and I believe that would be it.
If the group is public, just access it by going to https://graph.facebook.com/groupid and to get the members, access https://graph.facebook.com/groupid/members
If the group is private or closed, you will need to create an app so that you can get an access token. Look at their authorization documentation on that (you will probably need to create a temporary dummy website to do the redirects to Facebook and record the token then grant you). You will probably need offline_access to run the call over and over.
With that access token, access the groups api using the url format posted above and with the access_token appended as a query string parameter.
I been reading about Facebook applications for a couple of days now. I created an application and got an ID and SECRET.
The documentation recommends to use "Graph" for gaining extended permissions.
My question is, is it optional to have a popup, just like the rest of Facebook's popups? (a layer on-top the current screen, without an actual 'Window')?
My application is inside facebook, accessible using http://apps.facebook.com//
My goal is to ask friends of mine to grant this application: publish_stream and offline_access. Then I'm supposed to store their UIDs while granting, and I'm entitled to automatically share items on their "stream"? even a week after they've logged off?
Thanks.
Doori Bar
Yes, that's the idea. You request the permissions when they log in to the application and then iterate over the response to see if they actually granted them. If they did you can then use the information to publish to the stream.