We are testing Uber Webhooks. The Webhooks are working well for requests made in Sandbox environment.
We understand that some of the endpoints that require Privileged Scope can be invoked in "Limited Access" mode as long as the user is one of the registered developers.
Is this true for Webhooks also? If one of the registered developers takes a real Uber ride, will the Webhook get invoked?
We took a real Uber ride but the Webhook was not invoked, so wanted to check with the community to be sure.
Yes, you should see the same webhooks behavior for any two users who have granted your app the same set of scopes.
Are the registered developer's rides being requesting via the external API or through the app? If it's through the app, webhooks will only be triggered provided that the registered developer granted your app the all_trips scope from his/her Uber account. With the request scope webhooks are only triggered for rides requested via the external API.
(Context for other readers: Both the all_trips and request scopes are "privileged", meaning that Uber must whitelist an app before users can grant those scope to it. As OP mentions, there is an exception for registered developers, who can grant privileged scopes to the app they're registered for.)
Related
My Facebook application is in online mode, but this error will be reported when calling "/business_id/adspixels". What should I do to avoid this error.
I have tried to apply for various permissions, such as ads_ read、business_ management、attribution_ Read. However, this error will still occur.
{"message":"(#270) This Ads API request is not allowed for apps with development access level (Development access is by default for all apps, please request for upgrade). Make sure that the access token belongs to a user that is both admin of the app and admin of the ad account","type":"OAuthException","code":270,"fbtrace_id":"ABi7JUtohVnMy5rYCCmp-P1"}
I've written a Python script to pull performance metrics data from the Facebook Graph API for a connected Instagram Business account. It's a script which runs locally and uses my account's credentials.
I've submitted an App Review selecting "No" and "App doesn't use the Facebook Login dialog." for the "Is a Facebook reviewer able to access or login to your app to verify you're using permissions or features according to Facebook Platform Policy?" and "Why isn't a Facebook reviewer able to access or install your app? Select the option(s) that best describe the functionality of your integration." questions.
However, it's been rejected with the following reason given:
"We found that your app's test credentials did not allow us to fully review the content of the app or there were no test credentials provided for us to review. If your test credentials do allow access, check that the account is setup properly to provide us with full access and to allow us to reproduce the use case steps."
I followed the steps from the Server-to-Server App Sample Submission. I've explained why each permission is required and uploaded a screencast of accessing the relevant endpoints.
Is there something I'm missing?
My partner and I are having an issue when we use Facebook to log in to Cognito.
When we use a Facebook account that is NOT a developer, the login flow works without issue.
However, when he or I log in, we see the error message below.
Invalid Scopes: openid. This message is only shown to developers. Users of your app will ignore these permissions if present. Please read the documentation for valid permissions at: https://developers.facebook.com/docs/facebook-login/permissions
We have the following scopes set up in Cognito:
OAuth 2.0
Allowed OAuth Flows
Authorization code grant
Implicit grant
Allowed OAuth Scopes
phone
email
openid
aws.cognito.signin.user.admin
profile
NOTE: This only happens for developers specified in the Facebook Developer portal. It does not affect end users.
Any ideas what might be causing this issue?
Did openid get deprecated and replaced by something? If I remove openid from the scope, I no longer can get the IdToken from Cognito.
According to AWS documentation The Facebook scopes and attributes may vary with each API version, so we recommend testing your integration. (found in https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-configuring-federation-with-social-idp.html). So maybe you can check according to the api version of Facebook that you are using. In the case that you want openId (that is not the default scope for Facebook ) then, according to https://developers.facebook.com/docs/permissions/reference/ you should ask specifically for it as per this sentence If you ask for permissions other than the default profile fields, email, or pages_show_list, you must submit your app for app review so Facebook can confirm that the app uses the data in intended ways and safeguards user privacy.
I am not able to get webhook calls when another user post a comment (with mentions) on another/my media.
Just for testing purposes I set up a ngrok server for my webhook endpoint, which always answers with a 200 and handles the verfication. Before the heavy coding I just wanted to see if the webhook workflow for Instagram is generally working.
I created a Facebook app, an Instagram business account, a Facebook page and linked the page with the Instagram business account. With the information at Webhooks for Instagram I created a page access token with the Graph API Explorer. When I debug the token with the Access Token Debugger, everything looks fine. All needed permissions like manage_pages, pages_show_list, instagram_basic, instagram_manage_comments, instagram_manage_insights, public_profile are there. With the page access token I am able to fetch all informations regarding my linked Instagram business account via the Graph API Explorer.
Also the Instagram product was automatically added to my Facebook app. Test requests, which where send via the app dashboard (Webhooks product), will be received by my ngrok server. But any type of mentions or comments from another or my Instagram account (business or not) on my or other medias will not be received. What am I doing wrong? Do I have to send those comments/mentions from a specific account, since the app is in development mode and there roles in the app?
After speaking with the Facebook support, my confusion has been resolved.
The problem is that the Webhook for the Instagram product does not work without a verified app review. I had been wondering how to record a screencast with my running solution, without running webhooks... Above all, I had wondered why the webhooks in dev mode worked for the product messenger but not for instagram (or others). Apparently, the app review is not about the technical implementation but rather about checking that the implementation complies with the facebook guidelines. Therefor I want to quote the Facebook support:
Messenger does allow page owners and app admins to receive webhooks for their implementations in devmode and is by design. However, this is not the same for instagram or pages. This is just how the product teams have decided to implement it. For app review, you can show a mock process of the flow, using either the test webhook or your own process. The app review is less about technical implementation steps, but just a way to make sure that your app is going to use the permission in a way that follows our guidelines, so mocking the procedure should be fine. The reviewers understand that you do not receive webhooks in dev mode and should take this into consideration.
Consequently, I will now have to submit an app review and for that I have to imitate the webhook.
I am looking at using the Business Manager API to manage our clients Facebook advertising, including a central billing implementation, and have a few queries.
From what I can gather, to use the Business Manager API, I have to have my App accepted, then request access to the Business Manager API, then open a line of credit.
Can I develop my application in sandbox mode and get access to the Business Manager API?
How long does the process, usually, take to accept a Facebook APP, give access to the BM API and open a line of credit?
Not being able to access the BM API endpoints to manage clients and create ads hampers the development process and the ability to request the Facebook App for review.
Any help on this would be gratefully appreciated.