New Facebook app requires App Review for Pages API - facebook

I am trying to set up a new Facebook App that is used to pull in the latest post from a public page into another website. I successfully did this a few months ago, but since the GDPR law has come into effect, Facebook's process of creating new apps has become much stricter, requiring them to go through App Review before allowing access to the Pages API product.
However to go through the App Review process, I need to provide step by step instructions and a screencast of the app in action. This isn't an app in the traditional sense, and how am I meant to show the app in action when I can't get it working without it being reviewed!?
The docs mention that "While testing and before submitting for review, your app may only access content that is available on a Page that you, as an app admin, developer, or tester, administer. If the app wants to access public content on other Pages, you must submit this feature for review" - does this mean that I do not need to go through App Review if the Developer Account has access to administer the page in question?

To answer your question directly, if your app will only be loading data from pages that you admin, you don't need review/approval to use that API.
That said, if you're making this app to fetch posts from someone else's page it will need approval, and if it's a simple background script I'm not sure how you can have it reviewed - the process is focussed on page management tools used by multiple users rather than once-off scripts.

Related

How to provide a Facebook app review screencast for an app with no UI?

I’m trying to automate creation of ad accounts for my own business, and then upload custom audiences into these ad accounts. I wish to do this using a system user.
I have written some scripts to automate this process, but I am unsure how to receive the appropriate permissions from Facebook as I cannot create a screencast, as my scripts have no UI. It’s just a collection of scripts.
Some research has said that if apps only talk to a small number of accounts, you can just leave apps in dev mode to avoid going through app review, but I don’t think that’s possible in this case for the following reasons.
When my app is in dev mode, and I try to POST to https://graph.facebook.com/v7.0/<my-business-id>/adaccount to create a new ad account in my business, I get the error: "(#270) Development access is not allowed to access business API post:Business/adaccount." OK. So my app has to be live for me to use this end point. If I set my app to Live, and then try to hit this end point, I get this error: "(#294) Managing advertisements requires an access token with the extended permission for ads_management"
Then, looking at the permissions screen in my app, it appears I need to submit an app review with a screencast to be able to use the ads_management permission.
Additionally, if I want to use a system user, I can only approve permissions that have been approved by the app review process.
Given that my app has no UI (and nothing to screencast) how should I proceed? Or am I missing a way to do this without going through the app review process?
Facebook has provided instructions on how to submit those kinds of apps here, https://developers.facebook.com/docs/apps/review/server-to-server-apps:
If your app has no user interface because it exchanges data directly with our APIs, refer to this guide when configuring your app's Basic Settings, and when completing App Review.

Facebook API - Need publish_pages and manage_pages but Failing Review

My code is working properly in dev mode, but I cannot get approval to use publish_pages or manage_pages. I keep failing every review.
The problem is that the software is to be run as a cron job and there's really no user interface. This is for an auction website and we want to post a summary of auctions for the next day in our feed.
For some reason they keep saying:
Your screencast doesn't show how the use of this permission directly improves the user experience in your app. Unfortunately we also weren't able to determine this from testing your app manually
Right now, if I have the app in dev mode the post submits successfully, but only my user account can see them, so I've been having to leave dev mode on, let the app post, and then turn the app live.
This is less than ideal. Is there any 3rd party application that has already been approved I can use to post to our Facebook page?
It seems like the magic is making sure to mention "this is a server to server application with no user interface" is all that's required to get your app approved. After doing that, it went through without an issue.

App Review on Facebook - Private Software that may scale up in the future

So we've developed a Facebook App (and similar apps on Twitter and Instagram) that allow users to post and read content using an external system. We'll sell this integration directly to our clients, so it's a private application.
Basically the user will see a very simple page with a button "Log in to Facebook" and a disclaimer regarding the authorization (we'll use some query params fixed in the url, depending on the client). The client authorizes us and we capture the access tokens.
To submit the app review, though, we have to explicitly give a test user to the reviewers, but that's not really possible because the real "action" happens within the integrated systems, NOT within the app itself. And those systems are not public (they shouldn't be).
So just to be clear: our app is basically a very simple "Facebook login" that we use to get tokens, generated by specific clients authorization. It's not going to be published anywhere.
Until we have around 5 to 10 clients we can add the specific users in our app as Testers/Admins/etc, but what if we scale up? Say we have 20 clients. How are we supposed to get our app to be "live"?
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
(btw I'm asking this because our app review was rejected twice and I want to make sure I'm submitting everything they ask this time).
Thanks :)
I think the Login Review FAQ answers most of your questions. The key point:
Our review team will actually test how your app uses each permission on every platform you have listed in the settings section of your app.... You'll need to explain exactly how to test each permission or feature in your app so that we can make sure it works and follows our policies. We can't approve your app if we can't fully test how it integrates with Facebook.
In other words, it's not enough to just allow them to log in to your app, you have to expose all Facebook-related features to the reviewer.
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
Yes, though I'm not sure what you mean by "open them to the internet". You should be able to create a test user on your local system and link that account to a test Facebook user. Then you can have the Facebook reviewer use that test account for their review. (From the FAQ: "In the Items in Review section, you'll see a Test User (optional) section that allows you to type the name of the user you wish to be used in your review.")

"Hardware-based" facebook app

For my company I am developing an automated photo-booth. The goal is to capture a photo and after a quick review publish the photo to the company's Facebook page, all automated.
To this end I registered an app, and the application is conceptually done and works.
However only the developers of the app can see the photos, which seems to be because the app is not "reviewed by facebook" yet.
When I read what is required to get it reviewed, facebook needs to be able to test and verify the app. This is however impossible because the app only works in combination with the hardware on site, and it is not meant for anyone else to use it.
Am I solving this the right way? Can it be approved just for some users, like a "private" app? I'm not sure where to go from here.
If no user authorization is involved and you only use an Extended Page Token for that Page (that is valid forever), you don't need to go through review. Just set the App to public in the "Status & Review" section of your App settings.
The App will work without review for everyone with a role in the App (Admin, Developer, Tester).

Creating a Test Facebook app with publish action permission?

I see that Facebook has made a lot of changes in their API and the working structure for creating FB applications for Web/iOS/Mobile.
I am creating a Facebook app with my FB developer account to get the Test App's API secret credentials.
With this app I need to test the publish_actions feature (e.g. posting on pages/wall, sharing), but that feature is not enabled for the Test App API. And if we want to enable it then we may have to submit a review with some details. In those details they are asking for the steps to test the feature that we will provide in our application. They need screenshots of the pages where that FB feature will be, and other info. And that whole process will take up to 7 days.
I am confused: if my application is in progress and that FB feature is one we are planning to develop, how should I give the steps to test the feature on our website before the feature is created?
Is there any information that I am missing from the FB docs for a testing environment with the publish_actions permission?
Please help me, I have already wasted 7 days (tried the review submission process of FB and they rejected it because of incomplete application and information).
Thanks in advance!!
You're confused. The login/permissions related things work as they did in v1.0; the only difference is that you need to submit for review after the app is ready. But that's the last step.
I think you're using the API for the first time, so you may not be aware how exactly to add the permissions in your app. The permissions are added using the scope parameter in the login code. See the details here.
For example, if you're using the JS SDK:

    FB.login(function(response) {
      // handle the response
    }, {scope: 'email,user_likes'});

Similarly, it's done for the other languages.
After adding the permission, the admin/developers/testers of the app can test the application and publish posts while the app is in development mode. And this is just similar to how we used to do it in v1.0.
When your app is ready (the last step), submit your app for the login review (this step wasn't present in the v1.0, you just needed to make it live). After they approve your app with this permission, you can make your app live and everybody can publish post using your app. That's it.
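
Checking which of the scopes requested this way were actually granted, so the app only acts on permissions it holds; this is an added example, not part of the original answer. It assumes the Graph API `/me/permissions` response shape, uses a constructed response, and `parseScope` and `auditPermissions` are hypothetical helper names.

```javascript
// Added example. The response object below is constructed sample data.

// Split the comma-separated string passed as FB.login's `scope` option
// into a de-duplicated list of permission names.
function parseScope(scope) {
  return [...new Set(scope.split(',').map(s => s.trim()).filter(Boolean))];
}

// Compare the requested scopes with a /me/permissions-style body:
//   { data: [ { permission: 'email', status: 'granted' }, ... ] }
// Anything whose status is not exactly 'granted' is treated as unusable.
function auditPermissions(scope, body) {
  if (!body || !Array.isArray(body.data)) {
    throw new TypeError('unexpected permissions response shape');
  }
  const status = new Map(body.data.map(p => [p.permission, p.status]));
  const result = { granted: [], notGranted: [], missing: [] };
  for (const name of parseScope(scope)) {
    if (!status.has(name)) {
      result.missing.push(name);       // requested, absent from the response
    } else if (status.get(name) === 'granted') {
      result.granted.push(name);
    } else {
      result.notGranted.push(name);    // e.g. the user declined it
    }
  }
  // Only proceed with a feature when every scope it needs is granted.
  result.usable = result.notGranted.length === 0 && result.missing.length === 0;
  return result;
}

// Constructed response: one grant, one decline, one default permission.
const sampleResponse = {
  data: [
    { permission: 'email', status: 'granted' },
    { permission: 'user_likes', status: 'declined' },
    { permission: 'public_profile', status: 'granted' },
  ],
};

const report = auditPermissions('email, user_likes,publish_pages', sampleResponse);
console.log(report);
```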