Facebook has a debug tool to inspect an individual token and review which Graph API version was used to generate it.
https://developers.facebook.com/tools/debug/accesstoken
Is there a corresponding API to determine the graph version of a token as well?
There's no way I know of to determine with which version of the Graph API an Access Token was created.
But there's an endpoint with which you can inspect the permissions give by a user:
/{user_id}/permissions
documented at https://developers.facebook.com/docs/graph-api/reference/v2.2/user/permissions/ You have to call this with a User Access Token.
Facebook added a new HTTP header for all api versions called "facebook-api-version" that returns a version string like 'v2.0' for all Graph API requests.
https://developers.facebook.com/docs/graph-api/using-graph-api/v2.0#debugging
Related
My previous implementation of using GET request to url https://graph.facebook.com/538726722826117 is broken now that Facebook has moved to Graph API v2 and requires an auth token for fetching this information. And as it is a website, I cannot embed a token which would have any more access rights than for reading a page's public information.
How to implement this rather simple task of getting a page's public like and check-ins count?
You don´t need to autorize, you can just use an App Access Token for the API call. Of course you should not use the Token on the client, but it´s perfectly fine to use it on the server. Make the API call with file_get_contents or curl - that is, if you are using PHP.
An App Access Token is very simple, it´s just the App ID and the App Secret, combined with a pipe sign: App-ID|App-Secret
More information about Tokens for the Facebook API:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
there is a problem with my access token. I have made my own application, and I took the permission from the facebook user, who is me. And also I have given the same permissions to the facebook graph api. However when I can easily get the results using FQL with graph api access token, but I cannot get the result with my own application access token. What is the problem with my access token.
It is not user access token. Maybe this can be problem however also graph api is not also user access token.
Per the error message you need to use a user access token retrieved via the Authentication flow - you cannot use an app access token for this.
You mentioned in the comments you're successfully using an access token from the Graph API Explorer tool - this is also a user access token which the tool retrieves using the client-side oauth flow. This is not the same as using an app access token for your own app.
Interesting problem I'm having right now.
Signing in an App gives a access token looking something like this:
AAACwFsGcSr4BAOGUTwfuZAWuUcwZC0rJ7noZCKMqhBI7ivDCsIGqduGIZCus5PRaS6KuREqxLmhfvZAZAkz5WCpFfANtUpYHgZD
This access token can't access users PUBLIC information, while one issued by Facebook on developers.facebook.com - CAN.
You can easily test this by logging to your facebook and going to this link: http://developers.facebook.com/docs/reference/api/
You'll see that Facebook automatically generates access token on DEMO urls like this one:
https://graph.facebook.com/me/music
?access_token=2227470867|2.AQCvlA_ZaJ2MfRR0.3600.1318266000.0-100001572415177|2FeweU6ZvOQS9OCF5ZBV58_PtPg
If you would change /ME/ to any user which has his MUSIC posted as public, you WILL be able to access that data with Graph API.
Now try to get an access token to your APP and call the same Graph API method with generated access token, the returned data is empty JSON object.
Whats’ the difference between these access tokens? How to obtain access token, that I could get public information using Graph API?
I was thinking that logging in your APP is the highest possible access token and the only higher token is token with specified permissions...
Any guidelines would be great :)
http://developers.facebook.com/docs/reference/api/permissions/
I believe the difference is that you can specify additional permissions in a scope parameter,
so if you wanted to read a user's feed you would have to specify read_stream. I was trying to accomplish this with an access token from a server-side authentication flow in ruby, but the access token only allowed to me to navigate accross a certain portion of graph.facebook.com/user_id/feed? requests. If you get any insights or comes across a solution shoot it my way too, if you can.
I'm trying to use the new graph api for using FQL (the old api used https://api.facebook.com/method/fql.query?query=select%20like_count,%20comment_count,%20share_count,%20click_count%20from%20link_stat%20where%20url=%22facebook.com%22),
but it looks like I need an access token to use the new api ( http://developers.facebook.com/docs/reference/rest/links.getStats/).
Is there a way to get statistics on a link without having a user logging in (a functionality like the old api)? Can this be done using only a Facebook appId?
Thanks.
Just call this url and parse the json response (obviously replacing the google.com with your page):
http://graph.facebook.com/?id=http://google.com
This url doesn't not require any kind of access token.
Take for example, when using the Koala ruby gem
To access the graph api, we initialize the graph object using the user token key. This is clear, since it contains information that we got from the successful authentication
To access the realtimeupdates api, we initialize the realtimeupdates object using the app access key, which does not seem to have require any user specific authentication information
So, when does facebook require which token?
Here is a detailed explanation on OAuth site. Link here