Is it possible to do a Graph API search without requiring the user to login? (App token only?)
ie: I want my user to be able search for Facebook Users from my website without requiring them to allow access with my application. I simply want my web page to return a list of matching names.
AFAIK, you can't do that.
Allways you need at least an user token, so after he/she authenticate you can search "impersonating" that user,
Related
I request data from my companies facebook page via the Facebook Graph API. I have created a page access token which has multiple rights. With this token I can read multiple statistical facts showing the performance of the facebook page.
According to the page access token description the token is connected to my user account. I am currently an admin of the facebook page of my company. Currently I share the page access token with my colleges.
Problems:
What happens if I am not the admin of the page anymore (e.g. I leave my current company).
What happens if I delete my facebook account some time in the future?
I would like to have multiple access tokens in order to use a backup token if neccessary
What would be the right way to do this?
I know there is sth. like an app access token (see link above).
I think there is only ONE unique app access token. Can I create multiple tokens?
Is there a proper way to handle my problem?
Is the page access token (which I currently use) coupled with my private facebook account? That would be bad!
I am looking for a solution to fetch the feeds of an alcohol-related/age-restricted Facebook Brand Page by a website or back-end service to show these infos in that website for any user.
i.e: https://graph.facebook.com/JimBeam
The standard call results with an error or false.
I know the reason is the age-restictrion because of the relation to alcohol.
If I am connected to Facebook and add an access_token (user-token or page-token) to the request, I get everything I need, but it doesn't work if I am not connected.
If I request the page-token with offline_access, it also does not work when I am not connected to Facebook.
I am a bit confused with all this token types, offline_access, permissions and so on.
Is possible to get the fb-graph-feed of an age-restricted page and load that into a website?
To get an age-restricted feed you need to have a user access token that meets the criteria for the page. So if a user is visiting your site, they will need to authenticate your app, and then you can use the resulting access token to pull information to your website from that restricted page.
You should not be using a user's access token to display content to another user who does not meet the restrictions on the Facebook page.
An added problem is that Facebook does not expose a page's restrictions via the API, so you can't tell if a user has permission to see the page until your API request returns no data.
I have a Facebook application that users can add to their Facebook business Page(s) as a Page Tab app. It doesn't require any extended permissions for the user. I'm wondering if it's possible to use my app access_token and make calls against the Facebook Graph API to retrieve information about age-restricted Pages?
No, if a page is restricted demographically (e.g. for alcohol) you MUST use a user access token from a user who meets those restrictions, or a Page access token for the page itself.
An app access token will not work for such an API call
If the owner of that access token can view the data on facebook you can get any data using that access token not mater if its block for the others .
Suppose that I make an app that is using Facebook login (basically for dealing with who is who). Is it possible that the app to fetch the user's history from Foursquare if it get the user's permission? (The user uses Facebook's login on Foursquare as well)
No. You need to go through each authorization flow separately. First, the user grant your application access by going to Facebook and coming back with an access token (or authorization code you later exchange). Then you need to send them over to Foursquare to approve access again. Foursquare might need to authenticate them via Facebook but that's really not your concern (and should be transparent if they have an active Facebook session). Foursquare will issue you another access token for their API.
There are discussions in the community about the use case of allowing your application to pass the Facebook access token to Foursquare so they can validate the user identity with Facebook and then issue you an access token. However, there are many issues with that. By not directly interacting with the user, Foursquare has no way of knowing that the user wants to give one application access to their data stored on another application.
I am trying to understand, how facebook authentication works and how the flow should look like. I am working with Google App Engine and I have managed to obtain first the code and then access token. Using it I can for example retrieve user's friends list. This is all cool.
However, how can I store this access_token? I wan to allow my user to access different pages in my facebook app and I will need this access token on those pages. How can I store it and how can I retrieve it? Or maybe no matter which page user accesses I first need to get the code and then access token and only then can I perform some operations on his behalf?
I don't want to use javascript sdk for now. Is it possible to do it all from server side?
how can I store this access_token? I
wan to allow my user to access
different pages in my facebook app and
I will need this access token on those
pages. How can I store it and how can
I retrieve it?
just store the access_token in the datastore.
https://github.com/facebook/python-sdk/blob/master/examples/appengine/example.py
line 50.
It is from the facebook python sdk.
https://github.com/facebook/python-sdk/
If you don't want to use javascript sdk, you need to see this document. It has all details for facebook Oauth.
http://developers.facebook.com/docs/authentication/
While facebook redirect your user to your page assigned by redirect_uri. It will give your the code (A_CODE_GENERATED_BY_SERVER), then your server can get the user's access_token/facebook id with server side facebook api + code. Then you can login your user (set the session/cookie) and do whatever you want.