I have a mobile app that allows logging in with facebook, when a user logs in I pull their email from the graph api but I just got a couple of logins with email addresses with #tfbnw.net domains which I guess is for test users while developing on facebook. I didnt generate these so is this someone doing something shady to login to my app or just expected behavior for some users given their settings?
Mobile app coded in react-native, using expo
Those seem to be the internal facebook QA team going through your APPs and manually checking if you're following all facebook's guidelines.
Facebook auditing your app basically.... or at least they did to mine because right after those #tfbnw.net email registrations came in, I checked my facebook app settings and sure enough, I got an alert and an email shortly after. But never received those #tfbnw.net emails before today on any other facebook logins.
I have checked my account and it looks like a generic test user Open Graph Test User gets created automatically, according to which product you enable in your app. It gets created for example, if you enable facebook login or messenger platform.
not something shady IMHO
Related
I need to login via facebook to my application. I am trying to use facebook test accounts, as making fake accounts is both impractical and not allowed. I've seen that people usually have email attached to their test users, while mine dont have it. Any reason why?
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
Since last few weeks our FB integration is broken, our app and website having option to login using FB, we were pulling FB token and public profile info such as name, email but now seems FB has restricted our app, and got message
"We've restricted this app for violating the Facebook Platform Policies."
We double checked updated policies document and it seems nothing is there which can break FB policies, we are struggling to identify exact reason, we raised Appeal few weeks ago to FB but no reply, now we all our live users are stuck they are not able to use their account anymore in our platform.
Is there any way to identify exact reason, based on which parameters FB has blocked our app?
Finally FB Login started working, as we sent Appeal to FB and they re-activated API Key, explained about data which we are exacting from FB API and use of that data.
I've tried requesting permissions in my app, but the FB login popup contains a red error message saying that the app must be approved before it can request the user_friendlists permission.
How is this possible if the review/approval process requires a working test version of the app?
The problem is similar to this question: Testing Facebook integration prior to approval except mine is a website so the solution there doesn't apply.
The user logging into facebook from the app must be listed under the Tester roles in the app settings. The tester also has to be a profile other than the administrator, which you probably are if you created the app, and it must have a profile picture and be friends with the administrator.
I'm developing a Facebook Oauth application.
For my email account of Facebook it is working fine.
but for others (my work mates) accounts it is not working.
It is able to get Facebook first name for them but not the email address.
We have checked the settings for all accounts, it is same as me, but not working.
I have also tried in live environment, but the issue is the same.
Any ideas?
Have you got the email extended permission for the user whose email address you're trying to access? You can check with a call to /me/permissions in the graph API
Also consider that you can read real email also depending on your friends's privacy settings