Working on adding course completion information to users that have authorized our system to write to their profile. Looking at the LinkedIn API, https://learn.microsoft.com/en-us/linkedin/compliance/ it looks this is possible if granted the w_compliance authorization but it doesn't seem to be available in the application setup.
I have been trying to contact developer support email provided but have had no response in the last week. Is there a path or setting that I am not seeing?
How does one get an authentication grant that includes the ability to update user profile course information?
Related
We implemented the Marketing API into our company's order management system to automate the creation of ad campaigns. A system user was created with the proper permissions, and the integration has been working. We're only using the API for our own ad account and pages, which we of course own. The "Facebook App" is set to live mode and has been for a couple weeks now.
But starting sometime today, we have been getting errors saying that the ads_read and ads_management permissions are required. And sure enough, they are indeed missing from the access token for the system user when I use the access token debugger.
What would have caused the system user to be missing these permissions all of a sudden? We are still on the dev tier and have only recently reached the 1,500 calls required to request standard access. That's the only thing I can think of so far, but is that the reason we suddenly don't have the proper permissions, or could it be something else? I haven't read anywhere in the documentation that we would lose these permissions upon reaching 1,500 calls, and I was planning on requesting the standard access next.
Also, I have read in various spots: "You do not need to submit your app if it will only be used by you or by a reduced number of people." That is actually our case, as we are only using a system user for the API calls, and there are only a few users tied to the Facebook ad account. So, do we need to submit our app for review?
Thanks in advance.
I want to write a process which downloads data about my ads.
Basically this is the code:
https://github.com/airflow-plugins/facebook_ads_plugin/blob/master/hooks/facebook_ads_hook.py
It construct a URI as:
https://graph.facebook.com/v{api_version}/act_{account_id}/insights?{payload}
Where payload contains the access_token, breakdowns, fields etc..
Now, I passed over the facebook dev guide https://developers.facebook.com/docs/graph-api/using-graph-api/ and it doesn't explain how do I get the account_id and the token.
It always leads to a user account that needs to log-in to facebook and then process the request.
I want to build a process that doesn't involve user action. Just download logs about my ads.
How can I do that? Where can I get the account_id and the token.
In other systems like google and other they create a json file with credentials that is used for the outh. there doesn't seem to be equivalent with facebook.
For this type of use case, I would create a System User that is permissioned on all your ad accounts, following this guide. That will allow you to generate a token that can used without user login. (You can do the same for your personal facebook account, but that requires you to pass app verification. This can be done without that.)
Then to get the account ids of all the accounts the system user is permissioned on, query the "me/adaccounts" endpoint, using the access token generated for the system user. The docs for that are here. You can use that to get a list of all the account ids.
Alternatively, if you only need one account id, you can get that straight from the facebook ads manager.
Facebook provides an OAuth authentication system for third-party apps but they appear to not provide any fine-grained user management capabilities.
This seems like a security problem. I need to be able to:
Disable delete unused accounts
Disable or delete abusive users
White list users for early access to a new app.
But AFAICT FB provides no tool to do this.
I can probably hook of of the OAuth ID and put an entry in my database for the first two requirements, but I can't figure out how to white list Facebook users.
Google is unhelpful because all the results are about let users manage applications their user account is attached to, and nothing about allowing apps to manage what user accounts they are attached to...
Usually is a bad idea to delete or disable unused accounts, because maybe user was inactive for a long time, this doesn't mean the user deleted or disabled his account.
On the other hand, you can't avoid malicious users join your app via facebook authentication. What you can do is to detect suspicious activities with your own implementation (after Facebook accept them to join your app), and suspend, block or disable those accounts on the server (blacklisting them), after the user has joined client-side and sent the required access-token (optionally request the ID) trying to be accepted by the server.
Whitelisting users may depend on the requirements of your application, you can check profiles data and reject those that doesn't provide the requirements that your app needs (remember to ask the user for the fields that your app requires, like public profile, pictures, etc; these must be accepted by the user before signing in).
Here's how you white list users for an app on Facebook:
Keep the app in Development mode
Add users from your friend network in the Testers role
When you are comfortable, open your application to the world.
AFAICT you cannot white list when your app is published, but that's the point of publishing. Also the whitelist is not a request-grant method, it's invite only.
The other requirement to delete or disable users you must handle yourself in your database. You would tie the user's status to the FB's unique ID.
I'm working on creating an application for a client that has to search Yammer for a term specified by a user. I'm using the Yammer JavaScript SDK to authenticate the user's login to acquire the access token which I then use to query the search REST API.
This is all working great, but I need to know about the user access rights using the SDK and REST API. Will the search endpoint restrict the search results to the groups and files that a user has access to? Or does the endpoint return everything that matches the search term regardless of the user's access to it?
Unfortunately I only have the one user account on the client's Yammer network to test with and can't really investigate the issue properly.
Any feedback will be appreciated!
It will return only what that user has access too
ie. If they can not see a hidden private group they would not be able to search for it
Try to think of the Javascript SDK emulating them logged into yammer.com
I have a desktop app which uses a user access token to read the me/feed endpoint and I can see all the posts for the logged in user. If I wanted to simplify deployment to different users I would need to minimise the amount of setup/configuration they did.
Is there a way to access me/feed for a given userid rather than have to setup every user as a developer account and create an app for it?
I have looked at https://developers.facebook.com/docs/graph-api/using-graph-api/v2.0 and it is not obvious to me how to do this.
What configuration / permissions does the user in question need to do to activate this. Which access token should I be using, and will it give access to all the posts in the same way the user access token does.
[EDIT] I have looked at this again and the problem I am having is that when a user (who has a facebook account but is NOT a developer) tries to login to my App (which is in development mode) I get the following error
"App Not Setup: The developers of this app have not set up this app properly for Facebook Login."
Thanks in advance