I have authorized my app for several Facebook permissions using my own user account. If I look at the UI, I can see those permissions granted.
If I pull the permissions from the API, it shows many of these same permissions as declined for my user.
That's an API call through the Graph API Explorer using my app's token. I get the same results using cURL.
Some of these permissions require approval from FB, but they have all been approved.
It feels like I'm missing something here. Why does the API return different results than what is shown in the UI? I'm hoping to use the API to see which permissions a user has granted for my app and to ask for a new one if they haven't already granted it. If I can't get accurate results from the API, this won't work.
This happened because I had the wrong Facebook user ID. I used a web site to find my ID which gave me the wrong ID. I found my ID in my app's database, and this returned the correct results from the API.
Related
I have a server side application that read Instagram stories. The documentation here https://developers.facebook.com/docs/instagram-api/reference/ig-user/stories/ says that instagram_manage_insights is required to query stories. However my app review was rejected by facebook saying that for this permission they need a login. There is no login in a server side application and the documentation doesn't say anywhere that only applications with a front end can query stories. How can I work around that? It doesn't look that any other of the permissions allow me to query stories.
I have faced the same issue. In order to get permission (instagram_manage_insights), you actually need a login. Only with the login, FB can authenticate the user and the user can give their permission access to you to that you can use the Graph API to get their story.
Getting the following error while retrieving leads through graph api using form id. The same end point works fine for other users, but its not working for one of the users of the app. Not sure why its happening. Is there anything related to account type on facebook?
(#10) This endpoint requires the 'pages_read_engagement' permission or the 'Page Public Content Access' feature. Refer to https://developers.facebook.com/docs/apps/review/login-permissions#manage-pages and https://developers.facebook.com/docs/apps/review/feature#reference-PAGES_ACCESS for details.
https://graph.facebook.com/v9.0/<form_id>/leads?access_token=<>&appsecret_proof=<>
After adding pages_read_engagement in the scope list and making the user reauthorize the app the said api call is working fine but my query is why did it work for others.
The user does not have any role. User is following oAuth to permit the app to access his facebook pages and ad data
I have an app, and I can write to user's walls with it, having requested the publish_stream permission when they sign in.
I've also created a page and a group, and would like my app to be able to write to those. (Specifically, I want my back-end server to post some updates to those periodically, without a user being involved.) The ability to do this seems to be implied by the descriptions of the /feed parts of those here https://developers.facebook.com/docs/reference/api/page/ and here https://developers.facebook.com/docs/reference/api/group/ . However, I can't seem to find a way to authorize the app to write to these pages. Those docs say it can be done if you have publish_streams and manage_pages. OK, but how do I grant those to my app?
In the user case, you request those permissions when the user signs in via the OAuth flow. However, the page and the group never sign-in, so there's no way for them to grant the app permission. I looked around the settings pages for the group and the page, and couldn't find anything that will let me add the app. So how do I give the app the required permissions to post to the group and the page?
Found it!
http://developers.facebook.com/docs/reference/api/application/
http://developers.facebook.com/docs/howtos/login/login-as-page/
"Application Page Access Tokens
To perform the following operations as an Application Page, and not the current user, you must use the Application's Page access token, not the user access token commonly used for modifying Graph API objects nor the Application access token. This access token can be retrieved by issuing an HTTP GET to /USER_ID/accounts with the manage_pages permission. This will return a list of Pages (including Application profile pages) to which the user has administrative access, along with an access_token for each Page.
Note: Applications that are configured as Native/Desktop apps will not be able to make API calls that require an application access_token."
So:
I went to http://developers.facebook.com/tools/explorer/ and, as me, created an access token with "manage_pages" permission.
I then went to https://graph.facebook.com/$myname/accounts?access_token=$accesstoken
and it gave me a list pages and apps that I had given permission to. I copied the access_token from the relevant page, and pasted that into my code, so that the server-side create event code always used that access token.
And it worked!
I'm using an fb login button on a site, and our app needs extended permissions: publish_stream. When the user logs in, we can get the permissions, get an access_token, and publish various items to their stream.
However, the site doesn't seem to know if the user's logged in to facebook or not, and I'm having to allow permissions on subsequent visits to the page. However, if I hit the website, I get the access_token - but I'm the admin of the facebook app.
Is there a way to get permissions and have them persist, or am I doing something wrong?
It sounds like you might need to request the "offline_access" extended permission (if you want to make API calls after a normal access token would have expired). I'm not sure this is what you need though - this is for making API calls as a user while the user is not logged in to Facebook anymore.
It sounds like your Application is not properly using the API to check if the user is logged in or not. Without seeing any code I can't tell what is happening, but if you are using the API correctly once a user has authorized your application, they should be able to make API calls via your App while they are logged in to Facebook. Unless you changed application's on them, they will not need to re-authorize the permissions.
Please edit your question to provide more details if this does not help, and good luck.
After I add a permission, the user has to remove the app and add it again, in order to grant new permission. The weird thing is that when I request a permission that the user hasn't approved, I don't get an error, but rather only an empty result set.
How do I check if the user approved a permission?
It is quite simple as you can just use the openn graph API to get that information
https://graph.facebook.com/me/permissions?access_token=....