Facebook, a multi billion dollar organisation won't fork out for some live chat agents. Instead I'm stuck in a loop asking for approval, them not reviewing my app properly and giving me a cut/paste response. They say they monitor here, so here's hoping.
Nobody but me will ever use my app. It's a PHP page that posts to our radio station's Facebook page timeline www.facebook.com/BCnowplaying every hour or so, music that's playing on Budgie Collective.
We don't want to spam, this is why the nowplaying page is separate to our normal page.
The app works. All it does is grab a token, store it and post info to the page periodically.
I asked for permission to mention pages. And it was like I divided by zero. I only want this to mention pages of the DJ that compiled the mix that's on air (which is a sanctioned mention, as they have asked for this)... so that when their mix comes on, they are notified.
When I ask for the app to be granted this ability, I get told to show how the public will log in and use the app, and to give sample user accounts. Of course I have explained all this when requesting the permissions. But I keep getting knocked back. Nobody will talk to me directly and every time I re-explain and submit, I have to wait for several days to be given an answer that has nothing to do with how my app works. It's like they aren't even reading the submission.
What can I do next?
Since you're the only one using the application, there is no need to apply for approval. Owners of the application can already use the permission without going through the submission process.
By asking for approval you are basically telling Facebook that you want the public to use the mention feature as well.
So the solution here is to use the app as is and just change the settings to public in Settings > Status
Do you want to make this app and all its live features available to the general public?
Switch to yes.
Related
So we've developed a Facebook App (and similar apps on Twitter and Instagram) that allow users to post and read content using an external system. We'll sell this integration directly to our clients, so it's a private application.
Basically the user will see a very simple page with a button "Log in to Facebook" and a disclaimer regarding the authorization (we'll use some query params fixed in the url, depending on the client). The client authorize us and we capture the access tokens.
To submit the app review, though, we have to explicitly give a test user to the reviewers, but that's not really possible because the real "action" happens within the integrated systems, NOT within the app itself. And those systems are not public (they shouldn't be).
So just to be clear: our app is basically a very simple "Facebook login" that we use to get tokens, generated by specific clients authorization. It's not going to be published anywhere.
Until we have around 5 to 10 clients we can add the specific users in our app as Testers/Admins/etc, but what if we scale up? Say we have 20 clients. How are we supposed to get our app to be "live"?
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
(btw I'm asking this because our app review was rejected twice and I want to make sure I'm submitting everything they ask this time).
Thanks :)
I think the Login Review FAQ answers most of your questions. The key point:
Our review team will actually test how your app uses each permission on every platform you have listed in the settings section of your app.... You'll need to explain exactly how to test each permission or feature in your app so that we can make sure it works and follows our policies. We can't approve your app if we can't fully test how it integrates with Facebook.
In other words, it's not enough to just allow them to log in to your app, you have to expose all Facebook-related features to the reviewer.
To follow the app review steps we would have to create some users in our local systems (we have some dev environments), open them to the internet so the reviewers can log in and see how it actually works? Is that it?
Yes, though I'm not sure what you mean by "open them to the internet". You should be able to create a test user on your local system and link that account to a test Facebook user. Then you can have the Facebook reviewer use that test account for their review. (From the FAQ: "In the Items in Review section, you'll see a Test User (optional) section that allows you to type the name of the user you wish to be used in your review.")
I created an fb application which uses the following permissions: manage_pages,publish_pages, and read_insights.
The main purpose of the application is to give to the authenticated user reports and statics about the popularity of his own fb page.
I noticed that I can't use those permissions until I submit the app for review.
In the facebook developer account, I noticed that for each of the above permissions I have to complete some notes:
1. How a person logs in with Facebook
2. How a person sees the permission used in your app.
Also they want me to upload a video to show them that I use the permission correctly.
The problem is that I'm not sure what should the video contain in order to clarify the point 1 and 2.
Right now my application is only doing the authentication phase (signup), and in the next release we are going to create and display analytics for each user who joined the platform.
I would be grateful, If you could give me some suggestions regarding what facebook would like to know in order to approve the permissions.
Thanks,
Your App needs to be working before you can send it in for review. Meaning, you need to have at least a working prototype. For development, you do not need to go through the review process, every permission works for everyone with a role in the App without review.
In other words, you can´t go through review with permissions you don´t even use right now.
I have a Facebook app which is currently live, but would like to add additional functionality which involves requesting additional permissions (mainly publish_actions). The new permissions, due to Facebook policy, need to be reviewed by their team before they can be used live.
Is it possible to use one app for this? Is there a way (and is it acceptable by Facebook) to lead the user down a different flow if they are a tester, rather than a user during the review process?
I've also looked into the possibility of a test app, but I'm not sure if it's possible to flag that the app to review is a test version, which would then be approved on the live app. Facebook's FAQ seems to suggest this is not possible.
I'm not marking this as a definite answer, as it's a bit hacky and I have no confirmation that this will work until the review process has been completed. However, you can use the FB API to determine whether the user viewing the app is a specified test account or not by adding conditionals based on the user ID. It will also help if you make the test account an automatic user of the app on user creation.
For example, if you want to include new functionality, check if the user ID is a specific test account ID or not. If it is, display it. If not, display something else.
I have like/share buttons on my website and am not currently using an appid. Finding information on whether this is a necessity for the above configuration is difficult to confirm. When going through the Facebook app "create" forms, I'm really confused by a lot of the requirements as it seems to be more focused around actual apps rather than websites, which login via fb etc.
In the past I have created an app for one of my other websites and I don't believe there was any verification/submission process at this point (about 2-3 years ago). Reviewing my old app configuration now I can see that it is not "live" - does anyone know whether Facebook implemented this submission process in the last couple of years, and then de-activated any live apps that were created prior to this?
I now want to setup a new app for my new website and I'm unsure what the different 'action types' mean and what I would need to simply use like/share buttons on the website. Could someone give me a quick run down of what I'd need and what they are?
Any other info/tips people can provide would be greatly appreciated. I'm finding that the like/share DO still work without the app, but sometimes the share button doesn't work properly (I have a feeling this is something to do with the app).
Thanks
If you are just using the Social Plugins, you don't need to have a Facebook App ID.
If you want more integration, it will be required. Creating an App ID is like registering your App, wether an iOS or Android App or just a website, so that you can make Graph API calls for it.
The easiest way to register your website is to go the quickstart: https://developers.facebook.com/quickstarts/?platform=web (or https://developers.facebook.com/apps). There you can type a name and follow the steps.
You can then follow the "Sharing best practices" (https://developers.facebook.com/docs/sharing/best-practices#tags) on how to use the App ID. For example, by including an fb:app_id meta tag on your pages.
There is a review process, since last April, but that is only needed if you use permissions for your App. If you just use the plugins, that is not needed.
Can you explain more what is exactly not working?
Update
The time you create a page the Facebook crawler does not know yet what the Opengraph data for that one is. This will happen after the first share, but if you want to ensure it is correct from the first share on, you can force a re-scrape.
This section explains how that works:
https://developers.facebook.com/docs/sharing/opengraph/using-objects#update
When an app triggers a scrape using an API endpoint This Graph API
endpoint is simply a call to:
POST /?id={object-instance-id or object-url}&scrape=true
I know about test accounts, but during beta I'd like to allow access only to my friends, and then later friends-of-friends, and then only eventually Kevin Bacon and his friends.
That would probably suck, wouldn't it? The app would be listed (is there a way to prevent listing?) and someone I don't know might try it and get a "sorry, this is in development message." I imagine they'd be irritated and not come back.
From what I've read, only a few apps take off, but when they take off, they REALLY take off. Do developers just release these things fully baked?
Anyone start out with OpenSocial or other smaller-than-Facebook networks?
Any ideas for a soft, gradual, restricted roll-out?
Once you've set up your application, there is a setting in the Developer application control panel for your app: Your app -> Advanced -> Sandbox Mode.
Sandbox mode lets you restrict access to only those people listed as developers (under the Basic section).
In terms of expanding the app, Facebook doesn't provide much more flexibility that the Sandbox mode. Unfortunately, adding everyone as Developers of the app doesn't work very well for a beta, as people can access the application control panel once they are a developer. I ended up putting a whitelist of Facebook Ids into the front controller of my application for a previous beta, and it worked fairly well.
The apps are only listed in the App Directory if you submit them and they are accepted. There's no issue about preventing listing, it's something you have to apply for.
As for restricting users, you can accomplish it with a script in the application that checks whether the currently logged-in user is within your restricted user set. For example, if you only want friends of yourself, check whether the current user is friends with your user id. If not, simply display an error/message page or redirect them to the Facebook home page (or wherever). Add this check to the rest of the start-up logic run each page (such as connecting to your DB and authenticating with Facebook).
What I have done in some cases is keep a database table with the user id's of users who are allowed access, essentially a "whitelist". If the user isn't in the table, redirect them.