Due to many Facebook's access policies changes, the question may seem duplicated, but it's not.
My application followed all facebook approval process, and at the moment it has been approved by the "App Review" to get "manage_pages" permission. This allows to obtain a "Page Access Token" which grants the access to the page events, wherever the user is Guest or Host. (Facebook manage_pages)
After switching from Development to Live mode, the /page/events endpoint returns an empty object, with all my granted users, with a valid longlive page access token.
{
"data": [
]
}
Has anyone ever encountered this issue?
Thanks.
Past references about this:
Facebook Graph API does not return Page Events
How can I get the events for a Facebook page?
Related
I want to post on my own Facebook Page using Graph API.
For this, I have created an App.
When App is in Dev Mode, I am able to post on page using Page Access Token with proper permissions.
However, the problem here is, the post are not visible to public unless I make the App Live. The posts are only visible to Page Admins.
But as I make my App Live, I am getting below exception from FB APIs.
{
"error": {
"message": "(#200) If posting to a group, requires app being installed in the group, and \\\n either publish_to_groups permission with user token, or both pages_read_engagement \\\n and pages_manage_posts permission with page token; If posting to a page, \\\n requires both pages_read_engagement and pages_manage_posts as an admin with \\\n sufficient administrative permission",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "abcdefgh"
}
}
I regenerated the Page Access token after I make my App Live but still above error is coming.
I checked some resources which says that I need to submit my App for review. But I don't want to go through that lengthy process.
So, Is there any otherway with which I can post on facebook page using API without putting my App for review process ? Will any other kind of token (i.e. other than page access token) work here ?
Please note, I want to make sure the posts I make to be visible by everyone and not just page admins.
I am building my first facebook app and am facing a issue.
Task : Build a entirely server side application to be used by the admin of a facebook page to post videos/photos on the page. This should not involve having the admin to log in everytime to generate the user acess and page access token.
What I found : Based on the requirement, I found that app tokens can be used for this purpose. This line specifically hints at the usefulness.
App access tokens can also be used to publish content to Facebook on behalf of a person who has granted an open graph publishing permission to your application
I think that using this will be safe since mine is an entirely server side app.
Problem The docs say that:
GET /oauth/access_token?
client_id={app-id}
&client_secret={app-secret}
&grant_type=client_credentials
will give the app token that can be used in place of user access token.
However, I have not been able to do so. Specifically the error encountered is
Error 200 .The user must have accepted the TOS. Since I have already tried publishing content with page access token, I know this is a permission issue.
The following line
a person who has granted an open graph publishing permission to your application.
does not clarify everything. I came across a related question, but the answers seem to be a bit vague.
It would be really great if someone could give me insights about how this can be achieved.
In order to post to a page, you need at least authorize with the manage_pages permission. If you want to post "as user", you need to add publish_actions and use a "User Access Token". If you want to post "as page", you need to add publish_pages and use a "Page Access Token".
Information about how to generate those Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
The error message with the TOS has been discussed a lot of times already, please go to those threads (or find a lot more with the search function):
(OAuthException) (#200) User must have accepted TOS on C# - Facebook
How come I get a "must have accepted TOS" error for test users with app installed?
facebook long term token "(#200) User must have accepted TOS"
Occassional (OAuthException - #200) (#200) User must have accepted TOS
You cannot post to a Page via an App Access Token. This is clearly stated in the docs at
https://developers.facebook.com/docs/graph-api/reference/v2.3/page/feed#publish
A user access token with publish_actions permission can be used to publish new posts on behalf of that person. Posts will appear in the voice of the user.
A page access token with publish_pages permission can be used to publish new posts on behalf of that page. Posts will appear in the voice of the page.
I'd recommend to use a eternal Page Acess Token, so there's no obligation to renew the User Access Token. Have a look at my answer here:
Post to a facebook page without "manage_pages" permission using php
See
https://developers.facebook.com/docs/facebook-login/access-tokens#pagetokens
Is it possible to somehow get an access token to use the facebook api like a user that clicked "use facebook as "?
What I'm trying to do is to allow my website to post messages to the facebook page's wall. I already have an app which I use to allow my users to login with their FB account. However, I'd prefer not to require a page admin to authorize full manage_pages to my app. I already added the app to my FB page, but there are no options to give that app some permissions for my page.
Of course it's possible.
In the official documentation page about Permissions it's written:
Page access_token
An access_token used to manage a page. This is used
when you want to perform an operation acting as a Page. This access
token is retrieved by issuing an HTTP GET to /USER_ID/accounts or to
/PAGE_ID?fields=access_token with the manage_pages permission. Getting
/USER_ID/accounts will return a list of Pages (including app profile
pages) to which the user has administrative access in addition to an
access_token for each Page. Alternatively, you can get a page access
token for a single, specific, page by issuing an HTTP GET to
/PAGE_ID?fields=access_token with the manage_pages permission (you
must ask for the access_token field specifically via the fields=
parameter). See the documentation for the Page object for more
information. NOTE: After November 1, 2011, manage_pages permission
will be required for all access to a user's pages via this connection,
i.e. for both reading the user's pages and also retrieving
access_tokens for those pages. See the documentation for the User
object for more information.
This is a common scenario, but one that I don't see a lot of people posting about. Let's say I have a website, example.com, that loads a list of events from a Facebook Page. It would be a bad user experience to ask the user to "allow access" to the website just so they can see a list of events.
So, what I do is generate an access token with offline access permissions via the Graph API Explorer (https://developers.facebook.com/tools/explorer). This gives me an infinite (as long as the user doesn't change their password, etc.) access token. Perfect.
Soon, though, Facebook is deprecating offline_access. Is there going to be any way to continue to show this events feed on my website without requiring a user to allow access (which would refresh the access token)?
No, there will be no more infinite access tokens. You should store the list of events in your database so you don't have to query facebook so often. This way the user doesn't have to allow access to see a list of events that you get from your data store.
I am using the Graph API for an app that chooses a "fan of the week" for Facebook pages and announces them automatically to their feed.
For the purpose of announcing the fan on the feed, I store the OAuth access token for the user who installed the app. However sometimes the tokens get invalidated and then the app will fail to post to the feed.
{
"error" : {
"message" : "Error validating access token: The session has been invalidated
because the user has changed the password.",
"type" : "OAuthException"
}
}
Here is another type of error I also get sometimes:
{
"error": {
"message": "Error validating access token: Session does not match
current stored session. This may be because the user changed the
password since the time the session was created or Facebook has changed
the session for security reasons.",
"type": "OAuthException"
}
}
I already have the "offline_access" for these users, but the tokens are still becoming invalid sometimes. Is there anything else I can do to prevent this from happening, besides sending the user an email asking them to visit the app page again so that I could get a new OAuth token?
There's no way around this that doesn't require user intervention of some kind. If it's an app or page users are unlikely to visit frequently, then sending that e-mail sounds like a good idea. When users visit the page or app you can use the FB Javascript SDK, which automatically refreshes sessions, and subscribe to the FB.Event.subscribe('auth.sessionChange') with a handler that updates the token in your database.
If you are trying to publish to a users feed and you have publish_stream permission which hasn't been revoked, you can mostly likely still publish to /userId/feed using an access_token in this format: appid|appsecret. Note that /me will obviously not work because you are using the applications access token.