I have a Facebook access token stored in my database which I use to retrieve data from Facebook.
This access token have been registered by one of my apps, but I have no idea which one.
Is there a way to find out which of my apps owns this token?
I have tried https://graph.facebook.com/me?access_token=xxx without success.
{
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500
}
}
( I am sure this token is still "active" if by active I mean "still able to retrieve data from the Facebook REST API" )
Based on #WizKid 's comment:
There is a tool on Facebook, that is designed to help identifying the owner of an access token ( and much more, like expiration date or available scopes )
It is accessible under developers.facebook.com/tools/debug/accesstoken
Related
I am using Facebook Ads Insight API with a user token at the moment, but this user token expires (every hour for temporary token, and every 60 days for extended token) and I need to update it manually in my environment. Is there a way to use an app token to permanently allow access to the AdsInsight API? Otherwise, what's a programatic way to refresh the user token? (FYI, I use airflow to store the token in admin/connections)
For now my URL request is :
https://graph.facebook.com/v8.0/act_<SECRET_AD_ACCOUNT_ID>/insights?access_token=<SECRET_TOKEN>=ad_id,ad_name,clicks,unique_clicks,inline_link_clicks,unique_inline_link_clicks&time_range={'since':'2021-01-01','until':'2021-01-05'}&time_increment=1&level=ad
When the <SECRET_TOKEN> is
a user token : Data is generated correctly
an app token I get an error. (See bellow)
Error when using app token:
{
"error": {
"message": "Unsupported get request. Object with ID 'act_<SECRET_AD_ACCOUNT_ID>' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"error_subcode": 33,
"fbtrace_id": "<SECRET>"
}
}
The user tokens last 60 days, but there is a way to automatically update them through the API. Make a GET call to the following endpoint every < 60 days to refresh your user token.
oauth/access_token?grant_type=fb_exchange_token&client_id=<APP_CLIENT_ID>&client_secret=<APP_SECRET>&fb_exchange_token=<USER_TOKEN>
My web-application need to fetch posts from facebook and save content in pages.
I'm have developer account with business access (authomatically contains permissions pages_read_engagement).
I'm try to get API-key by request: https://graph.facebook.com/v8.0/oauth/access_token?grant_type=client_credentials&client_id=****&client_secret=***
API return me access token and token type:
{
"access_token": "|", "token_type": "bearer" }
After that i try to get feeds via request: https://graph.facebook.com/APP_ID/feed?fields=is_published,id,attachments{title},message,created_time,full_picture&access_token=***&appsecret_proof=***
But API return me error:
"error": {
"message": "(#10) This endpoint requires the 'pages_read_user_content' permission or the 'Page Public Content Access' feature. Refer to https://developers.facebook.com/docs/apps/review/login-permissions#manage-pages and https://developers.facebook.com/docs/apps/review/feature#reference-PAGES_ACCESS for details.",
"type": "OAuthException",
"code": 10,
"fbtrace_id": "AbApv_PjRlplW2Abv61zNCx" } }
I'm trying to get a long-lived user access token, and it worked correctly, but only 60 days and blocked, Then I have to restore it manually.
Account with API is administrator of group and Page read content should work
Support replied that the rights pages_read_engagement will be enough, recommended to change the API version to 10.0, but it did not help. What am I doing wrong?
I tried to use the app key, but it does not work, you need to use the user access token (which has restrictions), or create a system user (which no longer has such restrictions)
I'm create the system user and use his API key.
I'm trying to retrieve Facebook Lead using graph API using App Token to be long time token.
But the graph API return the following error
{
"error": {
"message": "A user access token is required to request this resource.",
"type": "OAuthException",
"code": 102,
"fbtrace_id": ""
}
}
I want to retrieve it with app token, any ideas.
Thanks in advance.
I have found solution. If you need to retrieve page leadgen then you must use page access token where ad was created and generated, otherwise it doesn't work.
How I have solved this case:
Connect to application and logging in with user
Exchange retrieved user short (1-2h) access token to long lived access token (~60 days if not using access token, else if you use it daily it will never expire)
call facebook api to retrieve user pages thru server using new users long lived token (this way page access tokens will have ~60 days and if use it daily then it will never expire)
when webhook sends you leadgen_id use server call to retrieve lead data using not app access token but long lived page access token that you have saved in database. As webhook sends leadgen_id, page_id and etc, you can connect page access token to page id and then with webhook data you can get correct access token and retrieve details about the lead from facebook.
For me this approach worked. I'm using Python to communicate in server side.
Comment or message me if you'r having issues.
I'm are having a problem trying to get data via Facebook's Graph API from a leadgen object, from a particular Facebook business.
A page admin user logs in and we request these permissions: manage_pages, pages_show_list, leads_retrieval, public_profile.
Then we set up a webhook to obtain leads from a leadgen form.
We also create a long lived token and store it in the server. Once we have all this setup, Facebook sends us any leadgen data via the configured webhook.
The data looks like this (sensitive data omited):
{
"entry": [
{
"changes": [
{
"field": "leadgen",
"value": {
"created_time": ...,
"page_id": "...",
"form_id": "...",
"leadgen_id": "..."
}
}
],
"id": "...",
"time": ...
}
],
"object": "page"
}
We retrieve the leads data via the /{leadgen_id} endpoint, and the long lived token.
We havent had any issues until today that we tried to connect to another business and recieved this:
CRM access has been revoked from Lead Access Manager.
After some research we noticed that we had to ask the user to enable our Facebook app in: Business Settings -> Integrations -> Leads Access -> CRM
It seems that our other users had the default settings set in the Manage Leads Access: By default, all Page admins and connected CRMs for {company name} can access leads.
But on the company that had activated the Lead Access Manager, when we query the /{leadgen_id} endpoint we recieve this error:
{
"error": {
"message": "Unsupported get request. Object with ID '...' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"error_subcode": 33,
"fbtrace_id": "..."
}
}
We tried accessing https://developers.facebook.com/tools/visibility, but It does not give us any insight on the error.
Besides that we are also getting an error whe we access https://developers.facebook.com/support/
App health status
Your app received privacy errors during a recent Graph API request. As a result, your app may not function properly until the issue is resolved.
I'm guessing that we have to ask for some other permission or something, but its not clear what or which permission we should ask for in this case.
Any ideas?
In case anyone wondering how to solve this same situation at the end of 2020, here's what I did to solved the problem (this assume you have Business Admin Role for your Page)
Create A System User In Business Settings Page, Add Asset and select your Page to it
Go to Integration -> Leads Access, Select your page, and Assign People then select your newly created System Users to it
Back to System User menu and generate your System Users token, you will need at least ads_management, pages_read_engagement, pages_show_list, pages_manage_metadata, leads_retrieval, pages_manage_ads permission to read the leads detail
Copy your generated token, and use it as access token for accessing facebook graph api with your leadgen_id
The steps above assume you only need to retrieve the leads detail. if you are planning on using the page access token, then your user must be added to the Leads Access, and then you can continue to create your apps page access token using your own access token
Ok, so its seems the issue was because one of the users created the token, and then it was updated by another user, for some reason this caused the error. Both users are admins from the same page.
I still need to debug the exact cause of this, but the issue was that we where sending another token to the Graph API.
I'm trying to post the following the facebook Graph API explorer.
cody.short.94/notifications? access_token= {User Access Token} &template= this is a test &href= www.test.com
I want to be able to send the user a notification, but all attempts have failed. I'm currently getting this error:
{
"error": {
"message": "(#15) This method must be called with an app access_token.",
"type": "OAuthException",
"code": 15
}
}
I'm not sure what is causing it, and I'm in need of some guidance. Any help would be appreciated. note: my app is currently marked for web so that it not the problem
See, the error is quite self-explanatory :
This method must be called with an app access_token
The Notifications API use the APP Access Token, not the user access token!
The App Access Token is: APP_ID|APP_SECRET or get directly from here for testing. (Make sure of the security of this token, this is very crucial and just like a password to your app)
Now test the query with Graph API Explorer , and remove the user token from the Access token field and replace it with the App Access Token
It will look something like this-
Make sure you paste the app access token APP_ID|APP_SECRET on the top field that says Access Token