I am developing a server-to-server Facebook App, that will require Features like Ads Management, Ads Read, Defaults, Pages Manage, Instagram, and a few others. But as my server-to-server App would not have a login interface, First question would it be accepted in App review, Or should i change something, Second questions how would the reviews would test my Facebook App.
Related
I am not able to get webhook calls when another user post a comment (with mentions) on another/my media.
Just for testing purposes I set up a ngrok server for my webhook endpoint, which always answers with a 200 and handles the verfication. Before the heavy coding I just wanted to see if the webhook workflow for Instagram is generally working.
I created a Facebook app, an Instagram business account, a Facebook page and linked the page with the Instagram business account. With the information at Webhooks for Instagram I created a page access token with the Graph API Explorer. When I debug the token with the Access Token Debugger, everything looks fine. All needed permissions like manage_pages, pages_show_list, instagram_basic, instagram_manage_comments, instagram_manage_insights, public_profile are there. With the page access token I am able to fetch all informations regarding my linked Instagram business account via the Graph API Explorer.
Also the Instagram product was automatically added to my Facebook app. Test requests, which where send via the app dashboard (Webhooks product), will be received by my ngrok server. But any type of mentions or comments from another or my Instagram account (business or not) on my or other medias will not be received. What am I doing wrong? Do I have to send those comments/mentions from a specific account, since the app is in development mode and there roles in the app?
After speaking with the Facebook support, my confusion has been resolved.
The problem is that the Webhook for the Instagram product does not work without a verified app review. I had been wondering how to record a screencast with my running solution, without running webhooks... Above all, I had wondered why the webhooks in dev mode worked for the product messenger but not for instagram (or others). Apparently, the app review is not about the technical implementation but rather about checking that the implementation complies with the facebook guidelines. Therefor I want to quote the Facebook support:
Messenger does allow page owners and app admins to receive webhooks for their implementations in devmode and is by design. However, this is not the same for instagram or pages. This is just how the product teams have decided to implement it. For app review, you can show a mock process of the flow, using either the test webhook or your own process. The app review is less about technical implementation steps, but just a way to make sure that your app is going to use the permission in a way that follows our guidelines, so mocking the procedure should be fine. The reviewers understand that you do not receive webhooks in dev mode and should take this into consideration.
Consequently, I will now have to submit an app review and for that I have to imitate the webhook.
Is there a way for me to test permissions that are not yet granted to my app by Facebook like the "user_status" permission? I need to test "user_status" for a future app that is not yet in develop since I need to prove that what the client wants is possible.
As long as you are testing with an app admin/tester/developer, everything should work, even if the app didn't pass the facebook Review yet.
See
https://developers.facebook.com/docs/apps/review/login#do-you-need-review
However, in order to help you craft your Facebook Login experience, your app's developers will be able to see, and grant, any permission without requiring review by Facebook.
Note: People who are listed in your app's Roles tab will have access to extended permissions without going through review (e.g. publish_actions or manage_pages). For example, if you use the Facebook Plugin for Wordpress to publish your blog posts to your Facebook Page or Profile, you do not need to submit for review so long as all your publishers are listed in your app's Roles tab.
Also, if you're the developer of an app and are the only person using it, then your app doesn't need to go through review. Since you're the developer, all app capabilities should be available. You will still need to take your app out of developer mode, but you should be able to do that without going through review.
I've developed an app using the Facebook Chat XMPP gateway, and users of this app report that some of their friends appear offline in this app, even though those same friends appear online in the official Facebook web and mobile clients. Why is this? Are there any relevant privacy settings that these friends may have enabled? Note that my app does have the user_online_presence and friends_online_presence permissions.
I've created Facebook app, that only uses Website app, have authorized it and given permissions to it. It is well defined Game of subtype Adventure.
However, when I'm in Facebook, I don't see the game listed in the bookmarks.
How to make it appear there, once authorized by the user, no matter it is a web app with Facebook login, and currently does not have Facebook canvas app?
The existing website uses Facebook OAuth for login. The plan is that soon that certain events on the site will be posted to the user's timeline. The "userA watched xxx" kind of thing.
We're also at the stage of starting an iPhone app to connect to the website's data API. If the user has authenticated to the website with the mobile app using the facebook login:
would the mobile app need access to the Facebook oauth keys? I'm guess not, as the user would do something, and the website would have the credentials stored to post to facebook, but I'm not sure.
would there in fact be 2 apps, one that is facebook based and one that is not?
Apologies if this is really basic information I'm asking, but I've not developed Facebook apps previously and the information I look at isn't always clear.
In my apps, I code two authentication flows, one for facebook users, and one for users without facebook (this is the typical, create your account, and subsequently login with your username and password). So one app, two login flows.
Regarding the app accessing the Facebook oauth keys, if you are coding with the Facebook iOS SDK, you won't even need to worry about the oauth key itself, as it's totally encapsulated by the SDK. You'll simply invoke methods to trigger authentication, and then once the user is authenticated, you can call other methods to invoke certain aspects of SDK/API.
The Facebook iOS SDK supports all the functionality you'll need to make the posts directly from the app itself. You won't need to make an API call to your server, to then make a second call to the Facebook API. Just handle all that from the app directly. So if your app does depend on a successful API call to your server, prior to posting to Facebook, make that API call, wait for the response (that either includes additional data, or a success:true flag), and then make the post to the Facebook via the Facebook iOS SDK.
The Facebook iOS SDK docs are AWESOME these days, and the code samples are even better. Check them out at:
http://developers.facebook.com/ios/