Facebook Application Token - facebook

I create a demo application to request photos from facebook. I created an application token like this : 549933848476397|4a584ce5fda19cba2ed6630ed78ba8f4. But when use this request URL https://graph.facebook.com/1417833425116725/photos?access_token={app_id}|{app_secret}. It's does not work. Please help me. Actually When I use user token for this request, It's work ok.

If the Page is restricted somehow (age, location), you can only use a User or Page Access Token to get data like photos of the Page. The App Access Token got no relation to any User, so Facebook canĀ“t detect if the User is even allowed to see the Page.
I am 100% sure the Page is restricted btw, you get an "Unsupported get request" error when trying to access the Page ID directly with the Graph API, and that usually happens when the Page is restricted.
Just try another Page with that exact same App Access Token, for example:
/bladauhu/photos
...works without any problem. Another sign that your Page is indeed restricted.
TL;DR: For this specific Page, you MUST use a User Token or Page Token.

Related

How to get a page access token?

I want to generate a page access token with graph API 5.0 and don't know how to do.
I have an app, linked to a page which I am administrator, with all the permissions I need.
Everything works fine inside the graph API explorer.
The documentation says I need a user access token in order to get the page access token, using https://graph.facebook.com/v5.0/me/accounts?access_token=$user_access_token.
The problem is I don't know how to get it programmatically without having to confirm in the facebook popup. All I have now is the app access token, but this is an invalid parameter this endpoint.
Does somebody know where I'm wrong?

Auto Posting to Multiple Facebook Pages using Graph API - Auth Issues

I am pulling my hair out trying to understand what Facebook wants me to do to post to a FaceBook Page as a System User that has Admin and Page Privileges to and Owned by our business (We have Facebook Business Manager).
In a nut shell all I want to do is make this call:
https://graph.facebook.com/v2.5/${MyPageID}/feed
What I don't get is the access_token part.
I can generate access tokes for Apps, for Pages but all result in 403 returned from FaceBook. I have gone as far and checking every box available on the generate access token popup on the graph api and still I get 403 "Forbidden" so I am detailing the little I understand of the insanity that is FaceBook Auth in the hope that someone can explain where I am going wrong.
1) To Post as a System User to a Page I have to Create a FB App (I Would prefer just to post direct to the pages and skip the App part, My System User has Admin Access on All pages)
2) To Access the App I need an App Token.
3) To Create an App token I need a User Token.
4) To Create a user token I need to log in to Facebook and have all sorts of permissions on the App. (I can't log in as the System User! FB asks me to login as myself. I am not sure if this breaks the Auth Token generated?)
5) Then there are all sorts of swapping tokens to get a Permanent App token, Another point of potential failure!
6) IF the stars and moon align and you stand on your head the permanent App key can be passed to the above call as the access_token
I don't understand how to link the Pages I want to post to with the App created. Do I have to have 1 App for Each Page?
I have got one page to work, We initially used that App to Auth against the Instant Article Graph API:
https://graph.facebook.com/v2.5/${MyPageID}/instant_articles
I could not use the above token for the /feed url, I had to generate a new token with extra publish permissions and the page published with no problems, however when I change the ${MyPageID} to another page using the same access_token I get the 403.
I tried Creating a new App, I have no clue how they link to a specific page So the App to me seems sort of redundant.
Any help with what I am doing wrong or how I can go about simply posting to various FB Pages with a System User using the /feed api ?
The calls are made form a Spring Boot Java APP using HTTP Posts.
How to get a System User Auth and Page Auth:
1) Generate a User Token for an App (Button above the System User):
https://business.facebook.com/settings/system-users/${System User ID}?business_id=${your_business_manager_id}
System user has Page Admin on each page you need to post to.
App is just an FB app, not sure what it does other that it is a grouping I generate a token against.
I chose: (manage_pages, publish_pages, publish_actions, pages_manage_instant_articles, pages_show_list)
2) Check your access token:
https://developers.facebook.com/tools/debug/accesstoken/?access_token=${The access token you got from the step above}&version=v2.12
This will provide you with the App ID the Token is for and how long it lasts (we need a Permanent token)
3) Using Graph API Explorer gets the Accounts this token has access to:
https://developers.facebook.com/tools/explorer/${Your FB APP ID}/?method=GET&path=me%2Faccounts&version=v2.12
4) Using the output above find Page Auth for each page you wan to publish to
5) Post to each page in turn:
https://graph.facebook.com/v2.5/${MyPageID}/feed

Facebook Login As App, access token doesn't work

I am trying to get events from a Facebook page via Ajax.
But there should be no login process for user. For this reason I am trying to implement "Login as an App" by following the the documentation on this page.
I am getting the access token correctly by
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET
&grant_type=client_credentials
However when I try to query Facebook Graph API with this access token I am getting an empty result set.
This is an example request;
https://graph.facebook.com/FAN_PAGE/events?access_token=ACCESS_TOKEN
I know the result set should not be empty because the same request with Graph Explorer returns the correct values.
Even a request like https://graph.facebook.com/FAN_PAGE/events?access_token=ACCESS_TOKEN_FROM_GRAPH_EXPLORER works correctly.
Any idea on whats going on? How can I get this to work correctly?
Actually the reason was not about the access token. The reason is that the page I want to get the events for is restricted. This works fine for unrestricted pages.
After a little research I found out that to read a restricted page's events (or posts etc.) you need a user access token. You get this by asking the user. (at login flow)
The other solution to get this data without prompting for a login is to get "page access token". You can generate a page access token by following this link.
And more on Access Tokens

Facebook Graph Api access Alcohol Related Page

I am looking for a solution to fetch the feeds of an alcohol-related/age-restricted Facebook Brand Page by a website or back-end service to show these infos in that website for any user.
i.e: https://graph.facebook.com/JimBeam
The standard call results with an error or false.
I know the reason is the age-restictrion because of the relation to alcohol.
If I am connected to Facebook and add an access_token (user-token or page-token) to the request, I get everything I need, but it doesn't work if I am not connected.
If I request the page-token with offline_access, it also does not work when I am not connected to Facebook.
I am a bit confused with all this token types, offline_access, permissions and so on.
Is possible to get the fb-graph-feed of an age-restricted page and load that into a website?
To get an age-restricted feed you need to have a user access token that meets the criteria for the page. So if a user is visiting your site, they will need to authenticate your app, and then you can use the resulting access token to pull information to your website from that restricted page.
You should not be using a user's access token to display content to another user who does not meet the restrictions on the Facebook page.
An added problem is that Facebook does not expose a page's restrictions via the API, so you can't tell if a user has permission to see the page until your API request returns no data.

Facebook with dotnetopenauth

I have created an App on facebook and I am using this app to authorize an user via dotnetopenauth.
Here I would pass APPID and APPSECRET and get the token which would be used to call Facebook Graph to get facebook user details.
If I'm doing this for the first time, user would be asked to enter username/passowrd on the Facebook website and then the session is created in the browser and it will redirect to my website as a Facebook user. This means that if I open a new tab in the current window and open facebook, user will see his/her page directly without asking for username/password. - this is obvious and understandable.
// code
request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString(strAccessToken));
response = request.GetResponse();
My query is:
After the scenario above, if user logs out from Facebook website OR I close the browser window, the facebook session is lost. However, I still have the access token (string in the above code) that I got while authenticating.
So, As of this moment I am not storing any user information from Facebook (not even cookies or anything else). I am just requesting user to authorize my application as a Facebook user. When user does that, I get the access token which I can use it to make calls to Graph and REST APIs. This access token usually remains same, so I really dont need to pass the applicaition id and secret to get the token next time onwards. Actually I can request the graph APIs and REST APIs with the stored token and request user details. I have tested this and works fine.
What I am looking for is, if user opens www.facebook.com, user should see his/her personal facebook page which obviosuly is possible only if I have a session in the current browser. Hence, my question was: how do I use my access token OR what call should I make with my access token so that I can set the browser session for the facebook user? Is it possible technically?
Regards,
AG
No. Your access token is used by your web server to call facebook. It's impossible (and undesirable) for this to impact the user's browser in a way that would set a facebook.com cookie so that the user would be implicitly logged into Facebook by your use of the access token.