I want to play around with pynder but in order to do so, I need a facebook access token.
I've googled around, and made a facebook developer profile. I have an app Id and app secret. How can I go about getting what I need to create a session in pynder?
Facebook is using OAUTH2. Basicly you have to redirect the user to facebook. He authorizes your app. Facebook redirects back to your site with a &code= Parameter.
You call an facebook endpoint an exchange the code to an access_token.
https://developers.facebook.com/docs/facebook-login/access-tokens
You can grab an access token out of https://developers.facebook.com/tools/explorer/
You should be able to change to your app and generate a token.
Related
I am doing a static web page in my website, in which I am showing the like count of particular Facebook page. There is no kind of login required to see this web page. Also, I don't want to user to login with their Facebook account to see the Facebook page like count.
I have implemented this requirement by using Facebook app token.
API: "https://graph.facebook.com/PAGE_ID?access_token=APP_TOKEN"
But the problem here is, If I use the app token of already approved app by Facebook with some permissions (manage_pages) exists, it works. It is not working for the app token of newly created Facebook app.
I have sent the app for review to Facebook by requesting manage_pages permission, but they rejected the app and said that my website doesn't have the Facebook login functionality implemented.
Since it is not documented clearly, I have a doubt that do the app need to send for review if I want to get the Facebook page like count without Facebook login (By using Facebook app token)? If yes, what permission do I want to request?
Any help would be much appreciated.
First of all, you need to learn what Tokens there are:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
For your problem, you can just use an App Access Token. There is no need for any permission or Login Review, the links above tell you exactly how to create one. Make sure you never use the Token on the client, especially because it includes the App Secret. Do the API call on the server only (file_get_contents or curl, if you use PHP).
If by "it does not work" you mean that you only get the id and the name, then it´s not about "not working", you need to read the changelog and search for "Declarative Fields": https://developers.facebook.com/docs/apps/changelog#v2_4
So if you want to get more than just id and name, the API call would be like this: https://graph.facebook.com/936299239766048?access_token=YOURAPPTOKEN&fields=id,name,likes,...
I've been reading documentation and Stack Overflow link all morning, but I'm just not understanding the correct process to authorize a web server to post to a Facebook page wall.
What I'm not clear on is why I have to post to Facebook as a Facebook User, using an access_token, meaning that this user has to log into Facebook manually to authorize my app.
I'm not trying to authorize a User, nor any of my visitors to do anything with their accounts, so I don't need any permissions from them. Instead, I'm trying to authorize my Web Server to post updates to its wall as a specific Page.
Why do I have to use a user access_token to do this? I'm not attempting to impersonate the user, I'm trying to post to the page as the page...
Is it possible to authorize a user and get their access token without having to create a login page on the Web Server? I don't want to have to require the user to login to make this work, I thought that was the point of having an app ID and Secret?
I guess my question is this: Is it not possible to allow a web server to post to a Facebook page wall as that page, without having to present a login dialog to a specific user? If it is possible, what is the correct workflow to set this up?
In order to post to a Page as a Page, you have to use a Page Access Token. You get that with a User Access Token, and you can extend it so it will stay valid forever.
Steps:
Request a User Access Token with the manage_pages permission (valid for up to 2 hours)
Extend the User Access Token (valid for up to 60 days)
Get the Extended Page Access Token for your Page with the User Session
Store and User The Page Access Token in the publish call
It may sound a bit complicated, but there are many tutorials for this and you don´t actually need to program it, you can just use the Graph API Explorer.
Here are some Links about the Access Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/ (see "Extended Page Access Token" for a step by step tutorial)
I use the Twitter Anywhere API and OAuth to authenticate users on my website. The cookie with the accessToken expires after two hours, which is why the user needs to login and connect to Twitter regularly. The workaround would probably be to store the auth_token in a cookie and provide it the next time the user loads the page after the cookie set by twitter expired.
Now something that is not clear to me: I'm also providing Facebook as an authentification method and somehow it doesn't forget the login. The Facebook JS API doesn't store any cookies on my page, so how does it know that the user is authenticated with Facebook and my application?
are you talking about this? see the channel file portion.
EDIT: Above link has been changed. And, facebook api has changed too.
The Facebook JS API doesn't store any cookies on my page, so how does it know that the user is authenticated with Facebook and my application?
It makes a cross-domain request to facebook.com, to see if there are cookies under that domain that indicate there is a user currently logged into Facebook in some other browser window/tab.
Once it has figured out that a) there is a logged in user and b) this user has used your app before – it logs him in to your app on the fly and gives you a fresh (short-lived) user access token to work with.
I'm doing an IOS app with facebook SSO. Upon user granted facebook permission to the app, the app will receive an access token. The app will then make an API call to the backend with ONLY the access token.
So is the backend possible to retrieve basic user information with ONLY access token while the user's facebook id is unknown?
Looking forward to an answer. thank u=)
Yes, once you have a user access token /me can be used as a placeholder for the current user's user ID
so /me/friends returns the access token user's friends, etc
It's a bug that has been recorded and fixed by Facebook. Update your base_facebook.php to versions 3.2.2.
You can track the bug here: https://developers.facebook.com/bugs/238039849657148
We're hoping to create mobile phone applications for (among other features) posting video to a user's FaceBook page. However, using their API, it looks like we would need to open a web viewer and have the user enter their login credentials every time the application is used. We would prefer to store these credentials so the user only has to login once.
We could of course save the http login post and resend it as needed, but this breaks if FaceBook changes their API and I worry about their terms of service and using an unofficial hack such as this.
Maybe someone knows of another application that uses Facebook this way?
You should have been returned an oAuth token to use.
The new Facebook API has a service you can call with the old tokens and it returns you a new oAuth token.
You just have to add offline_access to your permissions. You do this by adding &scope=offline_permissions at the end of your authorization url. Then your oAuth token won't expire.