I need to display on a website the planned events of my facebook user account.
I use this link, with the access token of my app.
https://graph.facebook.com/{$fb_user_id}/events/attending/?access_token={$access_token_app};
I tried several times with different accounts, but I always get an empty data array, or only events that were created by the account itself.
Maybe it's because the access to planned events of a user is restricted ?
Do I need a particular access_token ? Or an authentification ?
Thank you for your help !
You need the 'user_events' permission granted to be able to view a user's events. Have you checked that?
Related
I created a test app on Facebook.
I chose to request access to user events for API calls.
I then connected my user properly through api, I can get user details by oauth key for this particular user, but I can't access user events.
From the tools that FB provides, I seem to be able to access the user events, but the oauth key used in the call is different from the one FB gave me back for this user.
What did I miss?
Realized that specifying scopes only within the app setting panel wasn't enough.
For each new oauth call for users, need to specify the list of scopes you want to authorize the key for.
All working good now.
I need to get the latest event from a fanpage/user and show it on a blog. Everything work well with the Graph API but the problem is, that I need a access_token (currently I use a access_token, generated from account).
But the problem is that the token expires (also the offline token).. what is the best way to do that?
For a fanpage event, you should be able to use the page access token of the given page to retrieve the data. This will be possible following scenario 5 in https://developers.facebook.com/roadmap/offline-access-removal/. As to a user's event, you can extend the token for two months at most also described here https://developers.facebook.com/roadmap/offline-access-removal/.
To get it working on your blog would not be easy as you would need a way to reauth the user every two months when the tokens expire.
Facebook has moved away from the concept of offline tokens because they present a huge security risk for users as they may forget about the application. If a user has not used your application in two months, it is reasonable for Facebook to remove user authorization of your app.
I'm trying to implement facebook connect to my website, and i have couple questions.
1: Is it possible to register user in my website using his current facebook email/password.
Let's say user clicks on link Register via facebook and then he have to give me permisions to access his password, email, etc... and after that is done i put that info in my own database and he will be able to login with that account any time he wants without needing to give me permisions any time in the future.
2: If that kind of registration is not possible, what's other solution would be the best for me? Because i need to somehow keep track of that user who logged in with facebook, because he can upload photos, send messages etc.
Anyways, i'm quite new with facebook and similar things, so i'm really lost here, hope some one can help me :)
EDIT Thank you all for wonderful answers it helped me a lot, now all that's left is to read documentation :)
Yes it is, it is possible to get the information of the user. But it is rather complicated, when you have never dealt with it.
First you need to send the user to the following link:
https://m.facebook.com/dialog/oauth?client_id=your-client-id&redirect_uri=xxx&scope=listof-information-you-want
Facebook will then return your client to the uri specified, if the user rejected it will give a reason. If it is not you will get an code in urlencoded format.
This code is needed for the following step, the request of the access token:
https://graph.facebook.com/oauth/access_token?redirect_uri=xxx&client_id=xxx&client_secret=xxx&code=xxxx
This will give back an access token, if the authorization didn't fail.
After that you can ask for the information you want:
https://graph.facebook.com/me?method=GET&metadata=true&format=json&access_token=access_token
This will include a facebook uid, which is unique for all users. Store it and you can discern between a register and login.
This is roughly the process for any oauth2 application.
Facebook will not ask repeatedly for permissions after the user granted them to you. So you can store the access token and reuse it for backend stuff and also use the same procedure you use for register for login.
You can never access the user's password from Facebook even with his/her permission, so the user will always have to authenticate via Facebook and have Facebook pass you the user id of the logged in user once authentication succeeds. You can store all kinds of other data locally, but not enough to authenticate the user yourself.
Once the user is authenticated, you'll have access to the user's Facebook user id via the API, which should be enough to connect all kinds of information to that specific user.
Facebook does not provide access to accounts when passwords are taken from your controls. It provides it own canvas for login information. Therefore you cannot use your first approach to store passwords in your databases. Check this out.
You can however store email addresses once user logins into his account using the facebook sdks. Check this out link for the example of C# SDK sample code.
You can use the Facebook APIs to fetch user email-id, photos, friendslist and other information and then play around accordingly.
You don't get access to the users password - only email if you ask for it.
Best way would be to have a table of users and their Facebook account id's.
If you want to allow users to sign up without Facebook then have a nullable field for their password and facebook id, and also have a field for username - which you could populate from Facebook if they register via that route.
I need to perform a couple of actions when the user is logged off Facebook.
First i need to get a list of a given user friends using my application.
Second i need to be able to post messages to user's feeds offline as well.
What kind of permission do i need for that?
How do i achieve it using the Open Graph and the new oAuth 2.0?
What happens if the user initially grant the required permissions but between that and my
app doing the offline work the user revoke them?
How can i check for that?
Thanks everyone!
Ask for the offline_access permission.
It's being deprecated but there's workarounds with the latest information as of yesterday that allows us 60 days of access using a token. See: https://developers.facebook.com/docs/offline-access-deprecation/
Is it possible to retrieve an user id before agreeing to give permissions to an application?
I'm trying to salute a user before agreeing to the permission request. But for that I'll need to know his/her user id so I can access the info via graph API.
The idea is to do it when he/she is visiting for the first time my page app.
http://apps.facebook.com/xxxxxxxxxxxxxxx
Any idea?
This is NOT possible. Facebook WILL NOT share the user id with any app without the user explicitly allow that (partners are always a special case).
No it is not possible.
The only way to get the details of the current user is to issue a request to
https://graph.facebook.com/me?access_token=ACCESS_TOKEN
But here the problem is to get the access token, user should allow the application first.