Is it legal to create a web application where users can paste a facebook profile url and app will download and present a profile photo from that link ? An application won't be storing any data of that user.
No, you can´t do that because:
Scraping is not allowed, and that´s what you would need to do.
You can´t be sure if the user who posted the URL is the owner of the profile, he may just paste ANY URL. So the user who owns the profile may not have authorized you to use it.
The proper way to get the profile photo is to authorize the user in your App and use the /me/picture endpoint.
Related
I'm trying to create an app for closeted and questioning youth on facebook, and an important feature would be the ability to be anonymous on the app. I've been trying to find out if people can be anonymous on facebook, but this sounds like it's not allowed. Could facebook users make a new user account within a facebook app to protect their identity?
Thanks,
Colby
No, they cannot create a new facebook account from facebook app. And facebook has nothing to do with making a user anonymous, if user has given your application required permissions then you can have all the information about user, its up to you either you want to make that user an "Anonymous user" or show his profile pic/information.
Some suggestions:
In App Settings > Auth Dialog there is the setting Default
Activity Privacy which you should set to Only Me.
When a user authorizes your app store as little information as is
necessary, and prominently display your privacy policy explaining
what type of information you store, why, and how you will never
share it with anyone.
(optional) Store userids in your database as md5 hashes so that even if someone gains access to that database, they won't know who
the users are.
A while back I created an app ID on facebook and added the appropriate meta data to a website. I now want to continue adding facebook-related features to the site, but it seems the app is not related to my account afterall.
I must have created it under a different account or something, but how can I find who the owner is based on an App ID? I have existing likes, so I don't really want to change the App ID. I don't see any way in the UI, and I do not see the app when I go to the Developer app. Is there a way to do it using the Graph API?
If you have access to the app id and the app secret but no access to the app within Facebook it is possible to discover the creator_uid and from there the email address of the app owner using the graph api.
First get an app access token:
https://graph.facebook.com/oauth/access_token?client_id={APP_ID}&client_secret={APP_SECRET}&grant_type=client_credentials
With this you can get the creator_uid:
https://graph.facebook.com/{APP_ID}?access_token={APP_ACCESS_TOKEN}&fields=creator_uid
Using the app token you will then get the email address when looking up the creator_uid in the graph api:
https://graph.facebook.com/{creator_uid}?access_token={APP_ACCESS_TOKEN}
EDIT (Jan 2013)
Looks like Facebook have removed app profile pages so that method no longer works.
Option 1
You could return the app object, which stores all the populated information about the app by requesting:
https://graph.facebook.com/xxxxxxxxxxxxxxx
Option 2 (This method no longer works)
Or, you could visit the app's profile page and contact the developer directly using the 'contact developer' link:
http://www.facebook.com/apps/application.php?id=xxxxxxxxxxxxxx
(you'll need to replace xxxxxxxxxxx with your app id)
I got this working. If you have both app id and app secret then you can try below steps to get the owner details.
Get the access token using id and secret of the facebook app.
https://graph.facebook.com/oauth/access_token?client_id={APP_ID}&client_secret={APP_SECRET}&grant_type=client_credentials
Using the access token you can call the below API to get a list of administrators of the app.
https://graph.facebook.com/{APP_ID}?fields=id,name,roles&access_token={ACCESS_TOKEN}
Retrieve the owner profile details by,
https://www.facebook.com/{USER_ID}
I have a similar problem, in that I have the id and the secret but no access to the app within facebook.
I haven't found a way to see who owns does have access to the app. But I have found a way to contact a dev
First get the app access token.
https://graph.facebook.com/oauth/access_token?client_id={APP_ID}&client_secret={APP_SECRET}&grant_type=client_credentials
Then get the address:
https://graph.facebook.com/{APP_ID}?access_token={APP_ACCESS_TOKEN}
How can I pull information from MY profile on Facebook and display it on the website I am developing?
I know I can open a dialog to request login to Facebook, but I don't want to login any user. I want to login MY account and get MY info.
Is for contact card purposes.
Thanks!
You could generate an access token, with offline_access and all the other perms you need, and save that with your uid on your server somewhere. Then make a server request to FB for the data when you need it, cache it, and display it?
Is it possible to retrieve an user id before agreeing to give permissions to an application?
I'm trying to salute a user before agreeing to the permission request. But for that I'll need to know his/her user id so I can access the info via graph API.
The idea is to do it when he/she is visiting for the first time my page app.
http://apps.facebook.com/xxxxxxxxxxxxxxx
Any idea?
This is NOT possible. Facebook WILL NOT share the user id with any app without the user explicitly allow that (partners are always a special case).
No it is not possible.
The only way to get the details of the current user is to issue a request to
https://graph.facebook.com/me?access_token=ACCESS_TOKEN
But here the problem is to get the access token, user should allow the application first.
I would like to provide users of my application with ability to upload photos to their Facebook account. The application has a username and password form for the users to fill.
In Graph API, there's a method for uploading photos. But I'm unsure how to authenticate - it doesn't seem to provide a way to supply username and password. It requires access_token.
What's the right way to allow users authenticating and uploading photos using username and password?
It's hard to tell how you want to do this without a sample code or even stating what technology you are using..
Anyway, almost ALL interactions with facebook graph api require an access token and most likely an extended permission.
First of all, for you to post/upload a photo you need:
The publish_stream extended permission
A better understanding of how and where the photo will be uploaded to, this can be done by reading the publishing section in the photo documentation
Now that you have a general idea, in your destination/submission page of your form and when the image is successfully uploaded to your server and it's location is known (obviously), use one of the two answers in this question to upload the image.
P.S: I don't really understand why you need a username & password in first place, but it's your application...
To clarify, the access_token is what you receive after the user authorize your application. So , the provision of username and password only need to be done once, when user first access your app.
You need to redirect user browser or client to : https://www.facebook.com/dialog/oauth... (Refer to https://developers.facebook.com/docs/authentication/ )
Then after you have the access_token, you can just use that for the api call to upload photo to that user.
The authorization process need to be done again when the token is expired.