Facebook Graph API OAuthException Code: 9 Access denied. Why? - facebook

I am using facebook Graph API to get user data with the below query
https://graph.facebook.com/search?q=xxx yyy zzzz&type=user&access_token=myTokenHere
And the reply is;
{
"error": {
"message": "(#9) Access denied",
"type": "OAuthException",
"code": 9
}
}
And also it makes my account to logoff from developer.facebook.com. When I try refreshing that web site it says I am logged out.
I am used to use this account for making this search, this happened suddenly. I made maybe a thousand successful search with this link, with this user with this query.
It doesn't says I am limited or something.
I googled it a lot and made a lot of research but couldn't find any solution to it.

Related

Getting OAuthException through Facebook Graph API for some pages of the user's feed

I am trying to get user's posts for the last 2 years using the valid token and the following link:
me/feed?fields=id,created_time,from,icon,is_hidden,message,message_tags,parent_id,permalink_url,picture,privacy,status_type,**story**,to,updated_time,comments.limit(0).summary(true),attachments{description,media{source,image{height,src,width}},target{id,url},title,type,url,subattachments},shares&limit=25&since=-2 years
I can retrieve most of the pages, however, sometimes I get the errors like this
{
"error": {
"message": "(#2) Service temporarily unavailable",
"type": "OAuthException",
"is_transient": true,
"code": 2,
"fbtrace_id": "AybmxKTaLwxa7L99QjcBpn0"
}
}
Turns out that the field story caused the problem. If it is removed from the link when getting a particular page, the request succeeds. So, the problem is apparently not in the code or the request, but on the Facebook side. However, we need this field. moreover, I can get the data with the story field in most cases, not in all though for some reason. Permissions are presumably ok because I am able to get most of the pages.
I am using restFB library to make requests, but I am able to reproduce the problem through Graph API Explorer
Is there a workaround to avoid this exception and keep the story field in the request and should this be reported as a bug?

An unknown error has occurred with graph Facebook

I have an element on my website which shows facebook posts from a page and the amount of views/likes/comments. This stopped working all of a sudden and I have no idea why.
If I make the request with the graph api tester tool I get:
{
"error": {
"message": "An unknown error has occurred.",
"type": "OAuthException",
"code": 1,
"fbtrace_id": "CIHVxFhXIv/"
}
}
This is the request link I use with file_get_contents:
https://graph.facebook.com/v3.0/idofmypage/posts?fields=comments,full_picture,likes,message,picture,story,permalink_url,updated_time,from,insights.metric(post_impressions)&access_token=myaccesstoken
Did something change again with permissions or maybe a field is deprecated?
According to this fb new the Pages API and others have changed, and now you can only access the data if it's a page of your own.
Pages API: Until today, any app could use the Pages API to read posts or comments from any Page. This let developers create tools for Page owners to help them do things like schedule posts and reply to comments or messages. But it also let apps access more data than necessary. We want to make sure Page information is only available to apps providing useful services to our community. So starting today, all future access to the Pages API will need to be approved by Facebook.
Today I've started a project wich, in the begging, I need to recollect data and that's what I've found about it..

Facebook post to page error

I am going insane...
After Googling, searching here and pulling each of my hairs out one by one, I'm stuck.
I am trying to automate posts to a Facebook page and am calling the following:
https://graph.facebook.com/oauth/authorize?client_id=XXXXXXXX&scope=publish_actions,publish_pages,manage_pages&redirect_uri=http://www.example.com
Followed by:
https://graph.facebook.com/oauth/access_token?client_id=XXXXXXX&redirect_uri=http://www.example.com&client_secret=XXXX&code=XXXXXX
This successfully gives me the access token, but when I try to use the Graph API explorer to post to the page (of which I am an Admin), I get the following error:
{
"error": {
"message": "(#200) Permissions error",
"type": "OAuthException",
"code": 200
}
}
I've tried different permissions, different roles for page users and about everything else I can think of! Could anyone shed some light on this? I'm at my wits end.
Can you try page access_token for facebook page publishing, not user access_token.
https://graph.facebook.com/v2.3/me/accounts

Unusual behavior of facebook grap API ("type": "GraphMethodException", "code": 100)

I am having some unusual errors while fetching some data for some users via graph API.
As for example w all know we can get basic user info via graph.facebook.com/username
And it works. But it is not working for some users. Like the user www.facebook.com/sanzida.tanzum is a valid facebook user. So, we should get her basic info via graph.facebook.com/sanzida.tanzum. But when you will try that, you will get the error
{
"error": {
"message": "Unsupported get request.",
"type": "GraphMethodException",
"code": 100
}
}
And it is not a permission issue because use user herself gets the same error when she try to retrive her own data via graph API. Actually the user sanzida.tanzum is invisible to graph API. For example user sanzida.tanzum is on my friend list. You can check here. my friendlist.(it is public). But when I retrive my friendlist via graph API, my friendlist is shown excluding the user sanzida.tanzum ! But she is in my friendlist!
I have tried to contact facebook for this matter because I did not find any doccument related to this matter. They replied it is usual. (probably they did not read my mail at all. I am including the email conversation with facebook)
Hi তৌফিক,
They are getting errors because they are not you... they dont have
permissions to see the same things you do. They might also be missing
an access token. Either way: no bug here.
Thanks,
Emrakul Security Facebook
-----Original Message----- From: *****#ovi.com To: Subject: Report a Security Vulnerability - Unusual bug in facebook graph API
Your Email Address: *****#ovi.com Do you have technical details of
a security vulnerability?: Yes Vulnerability Type: Privacy /
Authentication Vulnerability Scope: Platform Developer API Title:
Unusual bug in facebook graph API Product / URL:
https://graph.facebook.com/sanzida.tanzum Description and Impact: I
was doing some graph API calls for testing purpose. Mostly I was doing
mostly user profile calls. (https://graph.facebook.com/exampleuser)
Somehow I realized facebook is giving following errors for some users
even they are on my friendlist. Same thing occurs when they try by
themselves.
As for eample the user "https://www.facebook.com/sanzida.tanzum" is on
my friendlist. (My friendlist is public.You can check if you want.)
So, according to facebook graph API, I can request the user's basic
info using (https://graph.facebook.com/sanzida.tanzum) But it returns
this error:
"{ "error": {
"message": "Unsupported get request.",
"type": "GraphMethodException",
"code": 100 } }"
Actually graph API can't access nothing of this user. Another
example.. When I request my friendlist via graph API , All friends of
my friendlist is shown except the user (sanzida.tanzum). But she is in
my friendlist! check here (my friendlist is public)
"https://www.facebook.com/toufiqueimam/friends". So why is this
happening only for few users?
Just now I got confirmation that the user herself gets the same error
if she tries to access (https://graph.facebook.com/sanzida.tanzum)
{ "error": {
"message": "Unsupported get request.",
"type": "GraphMethodException",
"code": 100 } }
Reproduction Instructions / Proof of Concept: Reproduction: first go
to https://www.facebook.com/sanzida.tanzum You will see it is a valid
profile. Now try https://graph.facebook.com/sanzida.tanzum You will
get following error
{ "error": {
"message": "Unsupported get request.",
"type": "GraphMethodException",
"code": 100 } }
This isn't a bug, the error means that the data you're trying to access is not accessible to you, does not exist, has been deleted, is not available because you haven't provided an access token from a user who can see it, etc.
See this answer for an example of this error message in relation to Facebook pages: https://stackoverflow.com/a/6847088/21062 - the same is true when trying to access user profiles if that user has blocked you, blocked your app, disabled their account or disabled all apps from accessing their information.
Just an FYI, I ran into this problem, and it wasn't because the user had blocked all applications. In my scenario, my application was attempting to force-convert Facebook's 64 bit integers into a 53 bit JavaScript integer (Node application). It was mangling the value, so when I was making the Facebook GET Request later on in my application lifecycle, I was doing so with the mangled value, and Facebook was trying to tell me "Um, this UserId doesn't exist".
So in my application, I had to use the Node Big-integer add-on, along with the Mongoose mongoose-long plugin for my Mongodb.
Long story short, if you are converting the UserId to it's native 64 bit integer, don't do so unless the intger type in your application is at least 64 bits.

Open Graph user own created object issue

I'm following the documentation here:
https://developers.facebook.com/docs/opengraph/using-object-api/
Using the following:
/me/objects/<app-namespace>:<created-object>?privacy={"value":"SELF"}
&object={"image":"https://<image-url>"}&access_token=<user-token>
Testing with the Graph API tool i'm getting this error:
{
"error": {
"message": "(#200) Requires extended permission: publish_actions",
"type": "OAuthException",
"code": 200
}
}
Ok well that seems obvious until I debug the access token:
Valid True
Origin Mobile Web Faceweb
Scopes publish_actions, user_friends
Anyone else seen this or have an idea of how to fix it?
EDIT Ok so I had publish_actions in both User & Friends and Extended permissions. I removed the User & Friends permission and now I get this:
{
"error": {
"message": "An unknown error has occurred.",
"type": "OAuthException",
"code": 1
}
}
Me no like unknown.
Ok so a couple things to note here that went wrong.
I picked an object type as an item thinking it would be <myapp>:item in the call. Well as it turns out the item is actually a product type so it is product.item a global type. What is handy is to actually click the get code link on the objects you create. Solution was to actually create my own app object type, which I thought I had.
In the Graph API make sure you actually use the application pull down in the top right to select the right app. I noticed some issues when it was set to the generic Graph API Explorer app.
Silly mistakes but cost me some time, hope it helps someone else.