I'm using v2.5 of the Facebook Graph API.
What's the difference between manage_pages and pages_show_list permissions?
From the docs it seems that you need manage_pages to get a page access token. But I tried and I was able to get it with just the pages_show_list permission.
Is this a bug or am I missing something?
The docs are vague und not complete on this subject. Facebook says they grant pages_show_list to all apps (I can't confirm this, see this question), while manage_pages requires review by Facebook.
One import difference is the way the app is presented to the user. If you request manage_pages, the user will be told that your app wants to manage his/her pages before the user approves.
Besides that, the only difference I found in the docs is the fact that manage_pages combined with publish_pagesallows apps to, well, publish pages.
pages_show_list simply allows you to receive a list of the pages that the requesting user is an admin of.
Related
As i understand, i need to validate my person, wait for my app review etc.
But what if i just need to post only on my page and nowhere else? Someone told me that i just have to be an app and page administrator and i even can leave app in dev mode but it didn't work for me. In all cases i just recieve
If posting to a group, requires app being installed in the group, and either publish_to_groups permission with user token, or both manage_pages and publish_pages permission with page token; If posting to a page, requires both manage_pages and publish_pages as an admin with sufficient administrative permission
Is it any way to skip all these checks and use API for posting? If not, can you tell me some free services i can use to reach this with? Much thanks for answers.
If you are posting to a page (any page) you need a token with manage_pages and publish_page.
You can generate a test token using the explorer: https://developers.facebook.com/tools/explorer/ - but this token is short lived (1h)
Using the short term token in the explorer, you can get a list of your pages (endpoint: /me/accounts) that you manage and that list will contain a page_token for each page you manage.
With that page_token you can post to the page.
You can put the page_token into the Access token debugger to see it's permissions.
https://developers.facebook.com/tools/debug/accesstoken/
You need approvals if you are putting the app live and allowing non-developers access to it.
I have an app that programmatically make post on a configured Facebook Page.
My app obviously have both the manage_pages and publish_pages permissions approved and I'm using pages access token
Everything work well since now, but recently when I POST on page feed
https://graph.facebook.com/v3.1/234002440799692/feed
I get this error:
{"error": {
"message":"(#200) Requires either publish_to_groups permission and app being installed in the group, or manage_pages and publish_pages as an admin with sufficient administrative permission",
"type":"OAuthException",
"code":200,
"fbtrace_id":"HEVcI\/Tq3fW"
}}
I know that Facebook has deprecated publish_actions scope, so that it's not possible anymore to post programmatically on the personal feed, but I can't find out why the post on a page return this kind of error.
Some further infos:
posting with a developer account actually work
the user by which the page access token is obtained, created the page on Facebook (so I think it's an admin for the page)
i recently migrated from graph_api v2.12 to v.3.1
Any suggestion will be appreciated
Thanks
I figured it out what the problem with some pages is.
It seem that now, if the user grant the manage_pages and publish_pages permission, that will be valid only for already existing pages!
New pages haven't the permission granted by default.
The only way I can fix the problem was to remove my app from the user profile (Facebook Settings > Business Integrations > Select the app > Remove) and then prompt the user again with the Facebook OAuth permission dialog.
I don't know if there is a way to force the app removal programmatically, but I can't find out.
You can use the following URL:
https://graph.facebook.com/v7.0/234002440799692/feed?&access_token={access_token}
I'm quite confused about Facebook's new publish_pages permission.
My Facebook app allows our CMS users to post to their Facebook pages via our CMS, posing as the page.
We have been granted (via the login review process) the manage_pages and publish_actions permissions.
The API change log states this:
publish_pages Permission - This new permission is required to publish as a Page. Previously publish_actions was required. People who granted manage_pages and publish_actions before v2.3 have automatically been granted publish_pages. If anyone logs in via v2.3, you'll need to request publish_pages explicitly in addition to manage_pages.
We have not been granted the publish_pages permission automatically.
The blog post here states:
For Page developers, we've added the ability to deliver more content on a Page via real-time updates (RTUs). A new Login permission, publish_pages , is now required for apps to publish on behalf of Pages; previously, this required publish_actions.
So it sounds to me like if we upgrade to use API 2.3, our service will no longer work, because we haven't been granted publish_pages.
The documentation states this:
A user access token with publish_actions permission can be used to publish new posts on behalf of that person. Posts will appear in the voice of the user.
A page access token with publish_pages permission can be used to publish new posts on behalf of that page. Posts will appear in the voice of the page.
We do want to post in the voice of the page, as we do currently.
Therefore I opened a new login review request and summarised all of the above, quoting their changelog. Facebook's response was this:
You don't need the publish_pages permission because you already have the publish_actions and manage_pages permissions granted. Publish_pages is a new feature that allows an app to publish to a managed Facebook fan page, but your previously granted permissions contain this functionality already.
Is it just me, or does that response conflict with everything else they've written?
So my question is simply, do we need this new permission going forward or not, and have they wrongly not automatically granted it to us?
Well apparently Facebook's supports response is in some manner wrong.
If you want to post on Page on behalf of the user manage_pages and publish_actions publish permissions are passable for post action.
If you want to post on behalf of the page you also need publish_pages permission, without this all v2.3 api calls will return OAuth Error. There might be other privileges for managing your pages under this permission i don't know
I have implemented a server-side login flow for a facebook page management application to allow my users to grant the necessary permissions to this application. So far, this works nicely and allows my application to obtain a "page access token" after being granted the manage_pages permission.
However, during the login flow, the facebook UI on facebook.com requests both the manage_pages permission (which is what I asked for) and the permission to see the list of friends of the user (which I did not ask for).
To be specific, I redirect the user to https://www.facebook.com/dialog/oauth?client_id=...&redirect_uri=...&state=...&response_type=code&scope=manage_pages.
Is there a way to convince the facebook UI to not request permission from the user to see his list of friends ?
For reference, since I spent a good amount of time researching an answer to that question, I believe that it is impossible to explicitely not request permission from the user to see his list of friends. The Facebook documentation hints at this by stating that these are the "default" permissions that every application gets.
I have got this error message from facebook .
Your app asks for 4+ read permissions along with public profile and
friend list. Asking for too many permissions can lower conversion by
as much as 40%. To improve your conversion rate and give people a
great app experience, we recommend that you ask for fewer permissions.
Read our règles élémentaires for more details.
My App ASK For This permissions :
publish_stream, publish_actions, user_groups
So i dont know if i must ignore
publish_stream
permission or not because my app just need to post contents no more things.
You can safely ignore the publish_stream permission as it is already included with the publish_actions permission. Quoting from the blog post about the same issue
publish_actions will now include basic publish_stream permissions (including posting on a user's timeline, posting photos/videos, commenting on and liking content), which will appear on the first Auth Dialog screen. With this change, apps that were previously granted publish_stream do not need to request publish_actions.