My app is ready for Live environment, when i try to login on uber account with user that is not added under developers section in Uber API after login user get invalid_scope error.
I am using live URL for login
When you're ready to open up your app to a larger audience and go into production, please submit a request for Full Access and provide adequate material showing the Uber API integration. Steps to Request Full Access
1) Sign In to the Developer Dashboard using an Uber account.
2) Click the Authorization tab
3) Click Request Full Access next to the privileged scope
4) Provide as much information about your app as possible
5) Submit the request
Find out more in the scopes docs: https://developer.uber.com/docs/rides/scopes
Related
Facebook recently released a step-by-step documentation for using a GrapAPI to manage Instagram messages. To obtain the access token to use it, it's necessary to create an application in the developer center, enable login via Facebook and include the permissions "instagram_basic", "instagram_manage_messages" and "pages_manage_metadata" but to activate these options it's necessary to submit various information for approval as statement of how the integration works and descriptions of the usage flow. I don't have access to this information because I can't develop an integration without it being approved.
It's not possible to use the provided test user as the pages raised by him cannot be linked to Instagram accounts.
Tutorial followed: https://developers.facebook.com/docs/messenger-platform/instagram/get-started
Someone with some experience with the Facebook API could give me a light on how to obtain the token with access required and proceed the tests?
I have done the tutorial as well, I faced the same problem. To enable instagram_basic, instagram_manage_messages and pages_manage_metadata without app review you need to create a test-app. For test apps all permissions are granted without review.
Instructions on how to create a test-app
Another usefull tipp: If you are wondering why you need to implement facebook login to access the instagram messaging api, the logic is the following: You need to implement login to then use your own implementation to logg in your own account and obtain the page access key that will let you do api calls to the instagram messaging api. This process is obviously overkill and instagram is working on a way of getting that access token through the developer dashboard.
For now to obtain that access token you need:
implement facebook login as a simple html website and console log the response. Be sure to add the required permissions to the data-scope attribute of the facebook login button:
<div
class="fb-login-button"
data-scope="public_profile,email,instagram_basic,instagram_manage_messages,pages_manage_metadata,pages_messaging"
></div>
deploy to a website that has https enabled (logging in from
localhost will only work if you use a tunelling service like ngrok).
Open your website that has facebook login implemented and logg in with your facebook account that is also linked to the target instagram account and also is admin of your test-app.
get the access token from the response to call the other API endpoints.
I've written a Python script to pull performance metrics data from the Facebook Graph API for a connected Instagram Business account. It's a script which runs locally and uses my account's credentials.
I've submitted an App Review selecting "No" and "App doesn't use the Facebook Login dialog." for the "Is a Facebook reviewer able to access or login to your app to verify you're using permissions or features according to Facebook Platform Policy?" and "Why isn't a Facebook reviewer able to access or install your app? Select the option(s) that best describe the functionality of your integration." questions.
However, it's been rejected with the following reason given:
"We found that your app's test credentials did not allow us to fully review the content of the app or there were no test credentials provided for us to review. If your test credentials do allow access, check that the account is setup properly to provide us with full access and to allow us to reproduce the use case steps."
I followed the steps from the Server-to-Server App Sample Submission. I've explained why each permission is required and uploaded a screencast of accessing the relevant endpoints.
Is there something I'm missing?
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
I try to create actions for Google Home. For my new action I need to ask user authorization in my web site, I need to identified user. For this user should be find my action in Google Home app, linked on my web site and sign in.
My question in the next. Have I any chance to create all this using only emulator? Or without Google Home device I can't do anything?
You'll definitely be able to implement and test this just using the emulator, although it will not work as smoothly as if you had an actual device. The procedure is known as "account linking" and is detailed at https://developers.google.com/actions/develop/identity/oauth2-overview, but in general the flow is:
Your service needs to act as an OAuth 2.0 server and have an authorization page and a token exchange endpoint available to the Google Assistant.
When the user activates your Action for the first time, they're told they need to give Home permission to access your account and they should check the Google Home app for a card.
The card will redirect them to the authorization page, where they log into your website and authorize access to your site from Google Home.
As part of authorization, you'll continue the OAuth 2.0 flow and will (eventually) issue a bearer token that Google Home will store.
Users can then re-trigger the Action. Every time your webhook is called, Google Home will send this token to you.
You can then use this token to lookup which user is making the request.
There are a lot of additional details, which are covered in Google's documentation and in the OAuth 2.0 specification, but this is generally how it works.
For the emulator, users are not directed to the card in the Google Home app. Instead, you can see in the return JSON provided by the emulator the first time you activate the Action. In it, the debugInfo.sharedDebugInfo.debugInfo field contains the authentication URL. You should go to the URL in a browser, complete the sign-in and authorization flow, and will eventually be redirected to a URL that includes the parameter result_code=SUCCESS. After this, using the emulator will send the access token to your webhook. See https://developers.google.com/actions/tools/testing#testing_on_the_google_home_web_simulator for additional details.
I have facebook app with status Live and available to all users. When I login through this app on my site I get access_token for my facebook user. And with this access_token I can read with Ads API next methods (for my own ad campaigns):
/me/adaccounts
/act_<AD_ACCOUNT_ID>/agroups
But when someone else login on my site (and confirms all permissions) and I get his/her access_token I can't perform second api call. I get this error (#10) You do not have sufficient permissions to perform this action. But I can get account ids. So, first method works, second not. How to fix this?
P.S. Status of app in App details tab is Unapproved (lightblue circle).
P.P.S. After adding that user to app's developers all is ok with second method (adcampaigns).
Your app is most likely in development Tier for Ads API Access
https://developers.facebook.com/docs/reference/ads-api/access#limits
You need to apply for higher levels
Some time its happen when you reach the limit of Marketing API Access.
https://developers.facebook.com/docs/marketing-api/access
Suppose your application have basic Marketing API Access Levels (In Basic, further test, iterate, build an app with up to 25 external accounts.) and you reach limit of ad account. When your new ad account(s) will request Facebook Ads API access then facebook send you mention error response.
To check your ad account(s) and their limit
Facebook APP -> Settings -> Advance tab -> Advertising Accounts section -> Ads Api button
https://developers.facebook.com/apps/YOUR_APP_ID/settings/advanced/