I'm trying to create adverts on the Facebook using marketing (ads) API, but after some rejected requests my account has been blocked. So, I tried to find out ways to testing my API requests via sandbox mode.
Could you give me some tips about best practices of the creating adverts, campaigns and adsets on using facebook marketing (ads) API with sandbox accounts
Enable Account from FB Dev->Marketing API->Tools->Sandbox Ad
Account Management. Get Access Token from here.
Go to Graph API Explorer. Provide your Access Token
Create campaign/adset/ad using POST request. (Find api reference here)
Fetch data using GET request (check api ref)
I have worked this way. May be its not best practice, i couldn't find such thing in fb dev site,
First of all you will need to get a sandbox account, you can go to developers.facebook.com and get your account id, token, etc.
There are no best practices as such, you can do anything with this ad account. Just remember they have fake data, which may or may not match the real world expectations. When reading insights, you might also get empty for most of the fields.
As far as creation is concerned there shouldn't be any problem.
Related
First off, I'm not looking for the access token of a facebook account.
I (or my facebook messenger bot) need the access token of a linked 3rd party account.
The account was successfully linked as described here: https://developers.facebook.com/docs/messenger-platform/identity/account-linking
Slightly off topic: The first issue I noticed that does not meet the OIDC/OAuth2 specs is, that the redirect URI given to the /authorize endpoint expects a param "authorization_code" instead of "code" with the actual authorization code. Ok, good thing we do not use off-the-shelf software for the IdP, so I could mend that. Yet.
Now, I'm accustomed from the Amazon Alexa account linking to let the amazon do the token management, refreshing etc. and to deliver an 3rd party access token with every request.
But not with Facebook, it seems. As far as I managed to understand (not by the docs, but by try&error), for the Facebook Messenger the account linking is finished once they get the authorization code (and call an associated webhook).
But since I need an actual access token for every request to my bot, that's not gonna help much.
It now looks as if I have to extend my bot to be a complete, but not standardised, OAauth2/OIDC client (including token handling, refreshing etc.) with some problems:
how to check the validity of the redirect URI?
should be the same as in the initial request
how to validate the authorization_code?
keep in mind, normally this bot has no connections/access to the database of the IdP
how to link this to a specific facebook user id?
My question now is, how to cope with that behaviour when I aim to use standardised software for the OAuth/OIDC IdP? Any ideas?
Thanks in advance
Thomas
EDIT:
To clarify what is meant by "account linking": I'm not interested in the users facebook account, I want to access information of a 3rd party account (provided with my actual service) of that user.
For example a call like "How many pictures are in my tumblr account" will need the customer to link the tumblr account to this facebook messenger bot.
For comparison: this worked extremely smooth with Amazon's Alexa and Google Actions. I simply had to input the client credentials and OAuth endpoints and thats that. If the user successfully linked the 3rd party account, I get an access token with every query to my backend, as expected.
EDIT2: as pointed out by CBroe, this is not supported by Facebook. Only actually "linking" the User IDs is possible.
I wish to implement an Instagram feed reader for my website. A reader that will show my Instagram feed in a unique interactive manner without asking the user to login to Instagram. Is there a way for me to do this reliably using Instagram APIs or their new Instagram Business APIs?
Current options and their caveats:
1. The Instagram v1 API found here (https://www.instagram.com/developer/)
requires user to authenticate. There is no way for an application to use grant_type=client_credentials to acquire a token and make API calls.
The tokens generated don't seem to expire but a note says they may expire any time, making a solution that uses a manually generated token unreliable.
https://www.instagram.com/developer/authentication/
2. Instagram Business accounts API found here (https://developers.facebook.com/docs/instagram-api/)
requires an Instagram business account, and at the same time the queries to media endpoint seem to require User Access Token, which again requires a user to login for generation/renewal of token. (https://developers.facebook.com/docs/instagram-api/reference/media/)
I'm aware of endpoints like https://www.instagram.com/{username}/media/, but this is undocumented and can disappear any moment.
I will highly appreciate any help, or recommendation to implement such a feed that does not require a user to generate authentication tokens.
as it is said in Instagram API doc:
In your application, you should have each user go through an authentication and authorization flow in order to receive a valid access_token.
so I can see just too ways:
use '/media' end-point until it is blocked (i believe it is relatively reliable, because anything can disappear one day, not just undocumented things)
authenticate yourself on instagram, and use your own access_token for API requests, as it is done in several popular tools for getting instagram recent posts
I'm building an application that needs to read Facebook ads information and I'm running into an issue, which to me seems strange.
When I access the campaigns for my adaccounts using https://graph.facebook.com/v2.10/me?fields=adaccounts{campaigns} it works and I can see the campaigns and their properties.
When I change the request to access the campaign to https://graph.facebook.com/v2.10/[campaign_id] it results in an error which says:
(#272) This Ads API call requires the user to be admin of the application. User is not admin or developer of this application.
I can see the properties of the campaigns using "me" as the first Node in the request.
Any idea why can't I access the campaign using a request where the campaign is the first Node? What could be the reason behind this problem?
I've read many posts on this and I found that this is most likely a permissions issue or token issue.
First of all, could you please try to login as the user, and then go to Facebook Ads Manager or Power Editor to check if the user still has permissions on the account?
If you can still see and edit the ad account, then you would need to report this issue at https://developers.facebook.com/bugs/ instead.
This could also be one of the explanation.
This may be due to your ad account is inactive or in a bad standing. Additionally if your access level of your ad account is in development level these types of errors may occur. please go through what's mentioned on the doc here If you upgrade your account to basic or standard access levels this will be solved.
On development access level only end to end workflows are suggested. The following text is extracted from facebook documentation.
The development access level is designed for development purposes and
is ideal for people who are just starting to build out their tool. In
this level, you would not yet have customers using your tool. This
level is open to all developers, and is intended to build out
end-to-end workflows on the API before you get full permissions.
I'm building an internal app for a client of mine (an ad agency) who wants to do ad performance reporting for about 30 of their clients. Part of this project is to pull down performance metrics from Facebook Ads for these 30 clients.
I've created a Facebook App and got a development token. With this token, I've been able to get the technical part of the project working -- I can pull down the metrics just fine using Facebook's Marketing API.
My question is about authorization and authentication. I'm thoroughly confused by Facebook's mechanisms for this.
What do I need to do to get access to Marketing API metrics for these 30 clients?
Do I need to publish a Facebook App? If so, do I need to go through the approval process? This seems kind of crazy because Facebook wants a login so they can test things out, but the product is strictly internal so there's really nothing they can log in and see.
I guess another question is: Is there another way I can get access to these 30 clients? With Google Adwords, it was easy. I just used oauth and am granted access as needed. Is there a simple way like that with the Facebook Marketing API?
You need to submit your app for review, if you want to be able to ask all users for the permission.
If your app is used by a limited number of people only, that you can add to a role in the app - then they can be asked for all permissions, even without review. This is mainly for testing purposes, but Facebook has it documented as a kind of “loophole” for apps that are only used by a limited user base. https://developers.facebook.com/docs/apps/faq#faq_180362122361921
not sure if this is strictly programming question (apologies in advance).
We have windows service which is responsible for downloading data from different API's on regular basis, it's just internal tool we are using on our server.
For purposes of oauth2 authentication we use our another tool, which can
handle multiple Oauth logins through different API's, then we just ask this tool for access token and use it in our calls. This works perfectly with e.g. AdWords, BingAds, etc.
Now we have a task to download data from Facebook API. But the problem here is that according to FB we need to apply application for approval in order to get permission to "ads_read" source, which can allow us to download ad insights.
But the problem is that our tool is not an application it does not have any icon, screenshots or Privacy Policy URL. Is there any possibility to get these data without application to FB? Maybe is there another way to login and get the data from user without using oauth2, thus no need for using the oauth2 and scope permissions?
Thanks in advance
As long as you're only using your app with admins/testers/developers of the same app, you don't need to go under Login Review. Only if you also want to authenticate "other" users as well.