Facebook denied the publish_actions permission because we auto-populated the message, meaning we didn't allow users to type message. We post our generic message. I've seen there are apps that are allowed to auto-populate the message i.e. game apps that post scores to user's timeline. My question is, can you still auto-populate the message with newly created apps? If so, what steps do we need to take. I've read around and found that Facebook policy changed, and if your app was created prior to policy changing, you lucked out and are allowed to auto-populate messages. Wanted to get clarity on this if anyone knows.
Related
My question is about Facebook permission over Application Shares.
I'm developing a App solution to my Customer, out of Facebook's Domain: Here's how it works:
The user access a Page where he can write a message to create a post with Image features;
He is requested to approve this post on his Facebook's Timeline;
When he finishes, the post can not be instantly posted. It will be saved among other users' messages;
When the time comes, an administrator, through a Control Panel, will check and select the best message to qualify;
Only the best message will be posted on the author's Timeline (User Timeline).
The question is:
I know that Facebook is not allowing Implicit Shares, but I don't know if posting only after an administrator input is considered implicit, because there won't be user approval on that moment. He already did it back there writing the message.
Is that possible, or I will have to make another request through Notification or something?
Thanks to the comments. Here's the answer to my own question:
The Answer is NO. Doing a post without user confirmation, even if he already did it some time ago is considered a Implicit Share, and it is no longer possible. There is another problem with the step I provided. You cannot ask for a user to publish something that won't be made instantly. If you ask to do this, it must be right on time. I think there is an exception for Pages, but that's not the point.
To comply with facebook's policy, the same functionality can be made with these steps:
The user access a Page where he can write a message to create a post with Image features;
At this moment The User is NOT asked to post this on Facebook. He is just asked to create it without mentioning Facebook itself;
When he finishes, the post will be saved among other users' messages;
When the time comes, an administrator, through a Control Panel, will check and select the best message to qualify and notify the selected user to access the link containing the message;
Here, finally, the user can see his message and is asked to post it into his timeline;
The applications must always do exactly what they tell the Users they are going to do, and you cannot ask something or request a permission for some functionality that you won't use at that moment.
Thank you!
We are having a problem with the review of our app which needs FB user's authorization to publish a post to his wall (publish_actions permission rejected by FB reviewer). The post is a promo offer developed by some retail store which is generated on server and needs to be put on user's wall.
We are seeing this in many cases by apps that are approved by FB but the reviewer has stated this: 'Make sure the user message area is not pre-filled in any way by the app otherwise the submission will be rejected. This includes hashtags, URLs, and any other text not written by the user.’
What we see in many cases is that the message is pre-filled with text from a publisher so that when its posted to the wall you see an image with some text including a link to the FB page of the publisher. Does anyone know why we are not allowed to do the same?
Prefilling is not allowed. It does not matter if you see it in another App, it´s still not allowed. If you believe an App does it, report it to Facebook.
Also, the user profile is not a place to advertise, each and every single post to the user wall must be written and authorized by the user. You can only add a link with Open Graph tags to it. See the docs for information about all the possible parameters: https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed#publish
I am trying to create an action on an article so when a user, who has authorized the app lands on article, it publishes the fact they've read the article to their timeline.
This works for me without issue but when anyone else tries it, they get an error along the lines of
Requires extended permission: publish_actions
I saw a notice on Facebook saying :
While in Open Graph Beta, the 'publish_actions' permission can only be
requested from developers and test users of your app. The
'publish_actions' permission will be ignored if requested from any
other user.
However, the likes of Spotify, Guardian and Independent utilize pretty much exactly what I need. How come? What are they doing differently to me?
You have to submit your created action types here: https://developers.facebook.com/apps/<app_id>/opengraph - once they have been approved you will be able to use them publicly.
You have to submit the actions also you need to take the permission from the user.
There are two types of permission, user permission and friends permission. Your suppose to take 'publish_actions' permissions from user as well as from friend.
My app stores the Facebook Access Token for offline use. The main purpose of the app is to allow users to automatically posts on the walls of people within a specified number of days of their friends birthday.
My app has been blocked by Facebook due to spam (some users are sending marketing messages to their friends instead of using the app for it's purpose).
I want to find out who those users are and block their access to my application. The only problem is that my Facebook App has a few hundred access tokens (one for each user of my application). The insights dashboard does not provide me with stats per access token. I need to find out which of my users are getting their wall posts reported as spam.
Is there any way of doing this?
After appealing, Facebook has unblocked my application but I don't want it to happen again. As far as I can tell, I can find out the number of people who have reported the wall posts as spam...but I don't know which access token made those posts...and hence don't know which of my users is posting spam messages.
It's not Facebook job to keep track of your application internal activities. You should be logging every activity, at least posts ids returned when someone posts anything on their friends' wall.
And one more time... you DON'T need the offline_access permission to publish something when the user is offline!
According to the Facebook Platform Policies:
You must not pre-fill the user_message
parameter or content sent via an
extended permission (such as a status
update or note), unless the user
generated the content earlier in the
workflow.
Does that mean that I can't publish stories to the stream automatically, even if the user agreed to?
I've seen apps (such as PlayStation Network, Foto Diaria) that publish stories automatically.
PlayStation Network publishes stories about actions you did in PS3 games and Foto Diaria publishes a picture from your wall every day. In both cases the attachment is created by the application, and the user message is empty. Could that mean that publishing stories with an empty user message (empty, not absent) is not considered pre-filling?
EDIT: I need to know what is allowed or not by the Facebook Platform Policies, not how to post stories.
If you ask the user for the publish_stream extended permission then you'll be able to post automatically whilst the user is interacting with the application. You can pre-fill the user message only if it's something that the user has entered earlier in the process e.g. if you've asked them to comment on a piece of content and then publish a story about the comment. If in doubt, leave it blank.
If you want to publish automatically even when the user isn't online then you'll also need them to grant the application the offline_access extended permission. In this case you'll also need to store the session key that Facebook gives you for that user.
https://developers.facebook.com/docs/guides/policy/examples_and_explanations/stream_stories/
Check this out. The Platform policies section of the FB Dev site has some additional documents to allow you gain a better understanding of the guidelines for sharing.
Please also read the section about User Feedback.
https://developers.facebook.com/docs/guides/policy/examples_and_explanations/user_feedback/
Hope this helps.
We can ask user to grain of offline_access permission, which is access to user profile at anytime, even if user is not online. But this permission will no longer available.
I agree that this permission is so harmful to user.
But it still useful if owner app want to post to their own account during user use their app. If you want to post to your self account, you can manually grain offline_access to your app, and select access_token and keep it in your own app, and use it when you need to post your account. It make sense that Facebook should allow developer to do this task.
it is simply forbidden but, there is a catch about it, if is text prepared by user previously, you can post that text later and I think you are able to add your own text to that. But not so sure..
I'm saying this based on McDonald's Canada's yourquestions app, you can ask questions to them, whenever its answered they posting to your wall.
But to clarify that, as a PMD I'll ask to FB personally and let you know what is the answer is.