Setup a Facebook Messenger Robot for another user? - facebook

I am developing a generic Messenger Robot that walks the user through a structured conversation. The user of the Robot can share whatever they like through configuration. For example someone could setup their life story and go through it in stages, childhood, college, professional life. Each of those stage could be broken down into sub-stages and so on.
Is there a way I can setup the bot for FB users? I don't want to have to go on the user FB profile in order to create a bot for them. I'd like my website or FB app to be able to set it up for the user without an fuss on their part. The user would just give the story and allow FB access while all the technical details would be handled in the background.
Ideas are appreciated,
--Matt

Just to wrap this up, a 3rd party can access a users Pages via the Facebook Login feature. Once logged in the 3rd party can generate an Access Token for the page. With the Access Token, the 3rd party can receive and send messages with a Bot.

Related

How does one add "integration flow for an end user to connect their Instagram business account(s)" - FB Graph API (For IG) question

We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.

How to make a messenger chat bot without a facebook app and webhook?

I went through the documentation for creating a chatbot for messenger platform.
All I find there, I need a server, which in the case used as a service for the Facebook platform.
The server also validates the webhook from facebook app.
Now I see, for a chatbot, I need a facebook app, webhook server and definitely a facebook page.
Then I find an application Flow XO, where I only put the page name and the bot is ready.
My question is, how they(flow.xo) can communicate facebook page without a Facebook app(appId, appSecret) and webHook.
My question is, how they can communicate facebook page without a Facebook app(appId, appSecret) and webHook.
They can’t.
They use their server and their app to communicate with the API, on behalf of the users that grant them access to their pages, by providing the necessary permissions when they log in to that app.
Facebook allows to create a Facebook App which integrates multiple chatbots. At Amio, we ask you for permission using Facebook OAuth. When you give us these permissions we send and receive message on your behalf. This allows you to create a chatbot using Amio API without need of creating a Facebook App.
Facebook Page is always needed as this is the entry point of users interacting with your bot. You can check Amio documentation for more detail.

Explicit consent for Facebook autoposting

Recently, I have a project that users can play a mini-game on a website.
After playing the game, there is a form that required the users to fill-in with the button "submit and share to Facebook".
The logic behind the button is that, it will save the form data to database and check if the user grant the permission Publish Action, if so, it will do the posting action to the user's Facebook timeline.
The reason we did not use Feed or Share dialog is that our clients worry that the users will share some improper content, we will need to track the post ID and delete it if necessary.
Today the Facebook app is being restricted as it violated the Facebook Platform Policies.
I wonder the button "submit and share to Facebook" does not mean obtain their permission each time?? If so, how should I change the flow to fit the Facebook policy?
Thanks in advance
Your app appears to be posting without explicit consent and creating a
negative experience on Facebook. As a reminder, when a person grants
your app write permissions this is a technical grant enabling your app
to create custom share options. After people grant your app a write
permission, you must still obtain their permission each time your app
allows them to share to Facebook. In order for us to consider your
appeal, your app will need to stop autoposting. Below you'll find
information related to the app you want to appeal. Please describe
what your app does and how it distributes content via Facebook Social
Channels in the 'Appeal Message' section to help us evaluate your
appeal.

Using Facebook publish_actions on a live event and getting the app reviewed

I want to create a Facebook app to be used in live events (ie: concerts, conferences, etc).
So the guests would enroll to the event connecting with Facebook Login and asking the publish_actions permission.
The guest will have an Access Card (RFID chip) that identifies himself and links in our database to his Facebook Access token.
Then, during the event, I would like that some actions made by the guests in the event to trigger some actions on Facebook, this actions will be triggered by different applications that communicate with our servers, our servers will comunicate with Facebook API to trigger actions on Facebook.
So when the guest does check in at the event, his Access Card is scanned by the event staff, and then should automatically post a message on his timeline indicating that he is at that event, sharing a link with more details about that event.
We also want to have a physical Photo Booth where the guest has his Access Card scanned, and then takes a picture that should be automatically posted on his timeline too.
So this is not the typical Facebook app flow, as the content is posted automatically by actions made by the user, but managed by our software instead of actions directly triggered by the user himself.
I'm not sure if this kind of application is allowed on Facebook and if it's allowed, how would the review process be done, as this can't be tested using a website or phone app.
Did someone make something similar or knows the best approach in getting this approved on Facebook?
Thank you!
The user MUST login with Facebook and authorize your App. People have tried those things with a specific device where people could login, but Facebook detects multiple logins on one device and may block your App. So the only way is to let people use their own device/smartphone to authorize your App. For example, you could offer them a QR tag with a link to the login flow.
The problem with authorizing before the event and storing a Token is that an Extended User Token is valid for 60 days. So if a user enrolls and the event is 61 days later, the Access Token will not work anymore - unless the User refreshes the Token by visiting your App. So before letting him do this before the event, you can just as well let him authorize the App at the event date.
A specific App for the event is surely the safest way, of course.

Cross Domain Tracking with Facebook Connect

I have a series of applications for an e-commerce service that I'd like to track visitors with; the user enters a site of static pages and then is directed to an application where they place their order, and then directed once more to our payment gateway. Now, Google Analytics has good documentation on how to do this, but our users authenticate through Facebook Connect. This point of authentication causes the tracking to cut off since GA sees this as the user leaving the site.
I'm wondering if there is a way to track the user through this connection, to track their flow from entering the site, all the way to the payment page.
Consider running the FB authentication in a pop up window and once it's complete call a JS on the parent window. I think GA should hold the session.
This answer has an example of refreshing the parent window, your solution should be similar.