I have 2 question in app review process. Can you give my some advice?
I want to create a single App within Facebook that is solely for my own use and not intended to be sold or shared with anyone. This application will be used to manage and post content on my pages (https://www.facebook.com/ntdepcom - I sell interior-exterior products) or groups (of which I am the admin).
In Setting Basic Section, I already verified Individual Account; do I need to verify Business Account as well?
When it comes to the verification process, in the 'Add Platform' section I chose the 'Website' option.
I assume that I should fill this cell with a URL that the reviewer will use to access my app; is this correct?
Since this app is only for my own use, I don't need to create a 'beautiful user interface'. Would it be possible for me to create a simple interface with Google Spreadsheet for the Facebook review? (Front-end: Google Spreadsheet, back-end: Google App Script).
I developed a rudimentary application of my own, and I am in the process of constructing its user interface. I need more information about it, because I am not good at interface.
Thank you.
I’m trying to automate creation of ad accounts for my own business, and then upload custom audiences into these ad accounts. I wish to do this using a system user.
I have written some scripts to automate this process, but I am unsure how to receive the appropriate permissions from Facebook as I can not create a screencast, as my scripts has no UI. It’s just a collection of scripts.
Some research has a said that if apps only talk to a small number of accounts, you can just leave apps in dev mode to avoid going through app review, but I don’t think that’s possible in this case for the following reasons.
When my app is in dev mode, and I try to POST to https://graph.facebook.com/v7.0/<my-business-id>/adaccount to create a new ad account in my business, I get the error: "(#270) Development access is not allowed to access business API post:Business/adaccount.” OK. So my app has to be live for me to use this end point. If I set my app to Live, and then try to hit this end point, I get this error "(#294) Managing advertisements requires an access token with the extended permission for ads_management”
Then, looking at the permissions screen in my app, it appears I need to submit an app review with a screencast to be able to use the ads_management permission.
Additionally, if I want to use a system user, I can only approve permissions that have been approved by the app review process.
Given that my app has no UI (and nothing to screencast) how should I proceed? Or am I missing a way to do this without going through the app review process?
Facebook as provided instructions on how to submit those kinds of apps here, https://developers.facebook.com/docs/apps/review/server-to-server-apps:
If your app has no user interface because it exchanges data directly with our APIs, refer to this guide when configuring your app's Basic Settings, and when completing App Review.
I've got incoming messages working via webhook, but what I cannot understand is how I make this available to other users.
I run a SaaS that's used by many different organisations, so I want to be able to give those organisations (who each have a subdomain on my domain) the ability to 'connect to facebook messenger', so that all of the messages to their facebook page (whatever that may be), come into their portal view on my platform.
The only way I can see this working, is by getting each user to register as a developer, and go through all the set up that I did to get my test example working.
But I must be missing something? What's the workflow to enable this, simply, so that users can connect in this way?
You can have multiple Facebook pages connected to your single Facebook app. But you would require permissions from Facebook for that. You can read about permissions here: https://developers.facebook.com/docs/facebook-login/permissions/
We're trying to use the Facebook Marketing API ads_management permission. We want to use the permission to allow our clients to push the media that was created for them on our app to their personal ad manager
Based on their allowed usage, it sounds like we're utilising this correctly but every app review is being rejected with a fairly generic
Your screencast doesn't show how the use of this permission directly improves the user experience in your app. Unfortunately, we also weren't able to determine this from testing your app manually.
For the first point - our screencast shows a brand/client navigating our app to where all their media lies - connect their facebook account - select the media and then push to the ad manager
This gives us the correct response as long as we use their sandbox environment on the Marketing API
On the second point Unfortunately, we also weren't able to determine this from testing your app manually
We provide test credentials for them to login into our application and go through the exact steps demonstrated in the screencast.
I know these reviews have been giving a number of developers issues but would love to hear if we're missing something really basic in our use because the usecase is really straightforward and not really sure how else to demonstrate it
Thanks
I have more than few clients that would like to add facebook connect to their landing pages (managed by me). They are too many and not enough tech-savvy to manually create ad appid for each of them.
So my only solution is to usa my own appid to add facebook connect to all my clients websites, but as far as I know, Facebook doesn't allow to simply use the same appid on any domain.
How can I solve this? I can't find any documentation to solve my issue. Does anyone have a direction for me?
This has been discussed a couple o’ times before already – but I mostly commented on earlier questions, so let me write the whole thing up as a proper answer, for future reference.
[paraphrased] Multiple-client Facebook login via one single app id
Does anyone have a direction for me?
You probably rather don’t want to do that.
It is not really possible to run one simple app one multiple different domains.
As a workaround for only a few domains, people used to specify different domains for the different platforms – Website, Page Tab or Canvas App, plus Mobile alternative for Canvas – without actually using any of those platforms besides Website, which made the app usable on multiple domains as a website app. But since Facebook introduced their login/permission review process¹, you can’t do that any more – they expect you to present actual functionality on all platforms you have configured in your app.
You can kind-off use one single app for login on multiple domains – if you are willing to use only the server-side login flow, and to redirect users to one “main” domain (that gets specified as the app domain in the app settings) to login, and then from there back to the origin domain.
But this has several drawbacks:
It’s not what you’d call a “white label” solution. If your clients expect it to look as if users where logging in via “their” app, it should stay on their domain. Individual branding, in regard to stuff such as app name, app logo that shows in the login dialog, etc., would also not be possible. Additionally, app attribution – the link that shows up under content shared/posted via the app – would only link users back to the main domain, and not to your customer’s.
You would not be able to use the JS SDK for client-side API requests, or even just to embed it to render any of the FB social plugins that require an app id – the SDK checks what domain it is “running on”, and can not be tricked to accept a domain that is not specified in the app settings.
There could be privacy issues. An over-exaggerated example: Just because I as the app user decided to share my photos or videos I have on Facebook with your customer Our-Holy-Mother-of-Christ-Bakery.com, does not necessarily mean I want to share them with your other customer, amateurs-doing-all-kinds-of-nasty-stuff.xxx as well – but if they shared an app id for login purposes, I automatically would. Have fun writin’ the Privacy Policy (which is mandatory if you use FB login functionality, and FB also automatically checks if your app has got one) for that scenario ;-)
Finally, and most importantly: All your customers would be “sitting in the same boat.” If one of them, or in turn their website users, would publish spam via your app id, so that Facebook blocks it, login would not work any more for all of your customer’s websites. And if you decide only then, that setting up an individual app for each of your customers would be the better way to go, they would not be able to recognize their existing users any more, because of user ids being app-scoped since API v2.0 was introduced – so if users logged into this new app, that app would see a totally different user id. (And to rely on an email address as an identifier is risky, too, because you will not get one from the API for every user; for example if they registered using their mobile device.)
Edit: Plus, app/domain insights, as luschn mentioned in his answer.
¹ Yes, the review process has made it more laborious to set up multiple apps for multiple clients. But for apps that do the same stuff/use the same permissions in the same manner, you can refer to an earlier successfully reviewed app id to speed up the process a little. Also, screenshots of how f.e. posts made via the app look on timeline, and what UI components are used, as well as screencasts that you include in your submission could probably be used with little to no alteration.
Apps are not meant be used on several different domains, you will have to create a new App for each domain, i´m afraid. You can use the different platforms in the App settings to use different domains, but there are only a few so it´s pointless. Just create some screenshots and a tutorial for your clients, that´s how it is usually done.
Btw, it would be weird to authorize an App on a website, and the same App would allow you to be authorized on all other client websites. Also, insights are per App, so your clients may want to see their own insights and not the global insights of all domains together.
Many is not defined but i think for being a smart developer you need to create new app_ids for every project you need to use facebook connect. Just my opinion. It also allows you to monitor alot of stuff.