I have a headless Facebook app that we've been running for 4 years. It is a bit unique in that, a) it has no user display b) it isn't available on the public internet it is hidden behind firewalls.
I use the standard Facebook Login Page during configuration of our app merely to get a permanent access token and authorize permissions. The only permissions I need are publish_actions, publish_pages and manage_pages.
I've tried to submit the approval form for this app to Facebook and get complete rejection because I haven't provided screen shots of what they see when they log into the app. I can't do that because as I said, it's headless and not available on the public internet. The response I get from the reviewers is completely canned with no thought on their part as to the restrictions of my app.
Does anyone know what I can do to get this app approved? As I mentioned, we've had this app on Facebook for 4 years prior to April 30, 2015. Is there someone I can talk to at Facebook? I've tried to explain the situation in the submission form, but obviously that didn't work.
Related
Now, My Facebook Login API has been restrict with the following message from Facebook:
Your app is violating the following Platform Terms or Developer
Policies: Developer Policy 1.2: Build an app that is stable and easily
navigable.Some common violations of this policy include:
Broken Facebook integration (e.g. broken share, like or comment functionality)
Broken user experience in the app (e.g. app has broken links or user interface failures)
I still have no clue what I have done wrong on my Facebook API though.
How can I make a change on Facebook API to solve this kind of problem that causes Facebook to restrict by Facebook Login API.
That may be due to the following reason:
Facebook periodically reviews the websites and applications which are
on it. Your application is in its review process currently. We are
required to test the Facebook login functionality in order to conclude
the review in totality. However, we are unable to do so.
Unfortunately, we have not been able to locate a Facebook integration
(Login, Share, and Like) on your submitted platform. To help us
conclude the review process, could you kindly share the details
regarding the location of a Facebook integration and how to navigate
to it on your website URL.
This review is essential to Facebook as we want to offer the best
experience to users as well as developers like yourself. Please help
us in bringing your application into compliance by working with us.
Alternatively, you could aid us by sending us credentials of a test
user who is already registered and connected to an FB account within
the app. You can get all the information related to creating a test
user here - https://developers.facebook.com/docs/apps/test-users.
Most people get this response in further detail. You can check the Facebook button on the given URL in the Facebook app.
If Facebook button URL is different and the URL mentioned in the Facebook app is different then you should reply to them and explain it.
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
Since last few weeks our FB integration is broken, our app and website having option to login using FB, we were pulling FB token and public profile info such as name, email but now seems FB has restricted our app, and got message
"We've restricted this app for violating the Facebook Platform Policies."
We double checked updated policies document and it seems nothing is there which can break FB policies, we are struggling to identify exact reason, we raised Appeal few weeks ago to FB but no reply, now we all our live users are stuck they are not able to use their account anymore in our platform.
Is there any way to identify exact reason, based on which parameters FB has blocked our app?
Finally FB Login started working, as we sent Appeal to FB and they re-activated API Key, explained about data which we are exacting from FB API and use of that data.
I'm using Facebook api to post news on my page.
The process is as follow :
Edit the news on my website
Put the news on a pool, waiting to be published on my Facebook page
A cron is runing and take one news from the pool and post it on my Facebook page.
I'm not using any Facebook's button, everything is done in the background.
So do I have to make a screencast for Facebook approval ? (If yes I really don't know how to make it)
Someone can help please ?
So do i have to make a screencast for Facebook approval ?
In general, that depends - on whether you are able to grant all necessary permissions, when your app is in “live” mode.
You are going to need manage_pages and publish_pages permissions for this. For newer apps, Facebook does not allow to grant publish_pages any more, when the app is “live”, but the permission has not been approved yet in review - even for users with a role in the app.
So you will need to submit for review and get this approved, otherwise you won’t be able to grant this permission in live mode. (Your app needs to be in live mode; in dev mode all content created through it would only be visible to people with a role in the app, but hidden from normal users - not what you want.)
https://developers.facebook.com/docs/apps/review/server-to-server-apps gives instructions on how to submit an app that does not have a normal, public facing login implementation.
Make sure to describe to them very clearly that this app is not for public use.
Is there a way for me to test permissions that are not yet granted to my app by Facebook like the "user_status" permission? I need to test "user_status" for a future app that is not yet in develop since I need to prove that what the client wants is possible.
As long as you are testing with an app admin/tester/developer, everything should work, even if the app didn't pass the facebook Review yet.
See
https://developers.facebook.com/docs/apps/review/login#do-you-need-review
However, in order to help you craft your Facebook Login experience, your app's developers will be able to see, and grant, any permission without requiring review by Facebook.
Note: People who are listed in your app's Roles tab will have access to extended permissions without going through review (e.g. publish_actions or manage_pages). For example, if you use the Facebook Plugin for Wordpress to publish your blog posts to your Facebook Page or Profile, you do not need to submit for review so long as all your publishers are listed in your app's Roles tab.
Also, if you're the developer of an app and are the only person using it, then your app doesn't need to go through review. Since you're the developer, all app capabilities should be available. You will still need to take your app out of developer mode, but you should be able to do that without going through review.