We are using Graph API for accessing public feed from our own Facebook Page.
What is the best way to obtain Access Token, so the requests are not dependant on one person's (my) User Access Token?
So after I leave the project, someone else can use the same token, without it being associated with me, but with the Page or a company instead?
Page Tokens are always tied to a specific user, because you need a User Token to generate a Page Token. For a non-restricted Page, you can just use an App Access Token though. It has no relation to any user.
More information about Tokens and how to generate them:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
Related
I request data from my companies facebook page via the Facebook Graph API. I have created a page access token which has multiple rights. With this token I can read multiple statistical facts showing the performance of the facebook page.
According to the page access token description the token is connected to my user account. I am currently an admin of the facebook page of my company. Currently I share the page access token with my colleges.
Problems:
What happens if I am not the admin of the page anymore (e.g. I leave my current company).
What happens if I delete my facebook account some time in the future?
I would like to have multiple access tokens in order to use a backup token if neccessary
What would be the right way to do this?
I know there is sth. like an app access token (see link above).
I think there is only ONE unique app access token. Can I create multiple tokens?
Is there a proper way to handle my problem?
Is the page access token (which I currently use) coupled with my private facebook account? That would be bad!
I'm new to the Facebook Graph API!
I want to display the 5 latest news feed items from my public Facebook page. I understand you can do that through https://graph.facebook.com/cocacola/feed/?limit=5, but it requires an access token, however, https://graph.facebook.com/cocacola doesn't.
When these access tokens are generated through Facebook's Graph API Explorer, what permissions are given for the token? Just the information already displayed in the above link?
So would it be safe to use the access token via cURL's PHP? I only need read access. Would it be insecure to display the access token in the source code? I'm confused as to why the latter link doesn't need an access token while the /feed/ does, even though it's a public facebook page.
when you use your app in a website there is a parameter that defines how much access you have from the user, u can set up params like, email, photo_stream, friend_stream, etc. when the user accepts the conditions, the generated AUTH TOKEN has permisions from that scope.
So, Facebook has 2 types of access tokens: Application and User access token.
Is it possible to use the Application access token for open graph?
Facebook has more than two types of access tokens, there are at least 3 since you forgot to mention the Page Access Token.
According to the App Access Token documentation:
Authenticating as an Application allows your application to obtain an
App Access Token. This is useful to make requests to the Graph API to
modify the parameters of your app, create and manage test users, or
read your application's insights for example.
As you can see, it depends what it is you want to ask the fb graph.
If you want for example to get the feed of a public page then an app token will suffice, on the other hand if you want to get the feed of a user then you'll have to use a user token.
When you browser through the Graph API documentation, for every object you get a list of fields and connections, and the 3rd column of the tables is titled as Permissions, in that cell you'll have info of what access token is needed if any.
I.e., if you check out the User object you can see:
id: No access_token required
updated_time: Requires access_token
installed: Requires app access_token
Hope this clarifies things for you.
Interesting problem I'm having right now.
Signing in an App gives a access token looking something like this:
AAACwFsGcSr4BAOGUTwfuZAWuUcwZC0rJ7noZCKMqhBI7ivDCsIGqduGIZCus5PRaS6KuREqxLmhfvZAZAkz5WCpFfANtUpYHgZD
This access token can't access users PUBLIC information, while one issued by Facebook on developers.facebook.com - CAN.
You can easily test this by logging to your facebook and going to this link: http://developers.facebook.com/docs/reference/api/
You'll see that Facebook automatically generates access token on DEMO urls like this one:
https://graph.facebook.com/me/music
?access_token=2227470867|2.AQCvlA_ZaJ2MfRR0.3600.1318266000.0-100001572415177|2FeweU6ZvOQS9OCF5ZBV58_PtPg
If you would change /ME/ to any user which has his MUSIC posted as public, you WILL be able to access that data with Graph API.
Now try to get an access token to your APP and call the same Graph API method with generated access token, the returned data is empty JSON object.
Whats’ the difference between these access tokens? How to obtain access token, that I could get public information using Graph API?
I was thinking that logging in your APP is the highest possible access token and the only higher token is token with specified permissions...
Any guidelines would be great :)
http://developers.facebook.com/docs/reference/api/permissions/
I believe the difference is that you can specify additional permissions in a scope parameter,
so if you wanted to read a user's feed you would have to specify read_stream. I was trying to accomplish this with an access token from a server-side authentication flow in ruby, but the access token only allowed to me to navigate accross a certain portion of graph.facebook.com/user_id/feed? requests. If you get any insights or comes across a solution shoot it my way too, if you can.
On the documentation page for Facebook Graph API there are a lot of example links such as https://graph.facebook.com/me/likes?access_token=SOME_AT
Could anyone explain how the access_token for these links are generated?
All I've read in the documentation were about getting access_token only for applications, but on that page everyone could get an access_token without one.
You can use the graph API to get public information. People set privacy settings on facebook, so to prevent social freaks from stalking you, they(fb) created Autorisation.What I believe is that on the documentation, they are generating the access token using the Developers App. You can generate this Access token by making an application and asking a user to Authorise your application to access his data using OAUTH dialogs. Usually people reading at developer.facebook.com have enabled the Developers app so it easily opens your information.
The Graph API as such allows you to
easily access all public information
about an object. For example,
https://graph.facebook.com/btaylor
(Bret Taylor) returns all the public
information about Bret. For example a
user's first name, last name and
profile picture are publicly
available.
To get additional information about a
user, you must first get their
permission. At a high level, you need
to get an access token for the
Facebook user. After you obtain the
access token for the user, you can
perform authorized requests on behalf
of that user by including the access
token in your Graph API requests:
The access_token in these links are generated using your Facebook identity and an application ID (presumable associated to "developers.facebook.com"). If you go to the same page with another Facebook account, you will see different access tokens.