I'm creating a website that use facebook connect, and I need the publish_action permission for each user, unless, user can't get access to my website.
But when a user register with Facebook connect, the publish_action permission can be skipped ; the request is separated from the read permissions.
This is an example of what I dont want: http://i.stack.imgur.com/mbz8g.png
Is there a way to ask to people to allow publish_action and read permissions in the same text box, without "skip" button ?
You cannot require the publish permission to use your app.
No. People must be able to login to your app without granting publishing permissions.
Related
Is there a way to mark a scope such as publish_stream as required in Facebook OAuth2?
Currently a user can skip the permission and that results in a non working app in my example.
No you cant do that, in fact facebook asks to check for the extended permissions before performing any related action.
You can any time check for the permissions a user has granted with the API- /me/permissions. Check out- Graph API Explorer
There's no way to "require" extended permissions such as publish_stream as far as I know. Facebook has some docs about how to handle those cases where the user only gave some permissions:
https://developers.facebook.com/docs/facebook-login/permissions/#handling
Quote:
If a person declines the login dialog have a clear and upfront
explanation about why you are requesting each permission. Then let
them click or tap to opt back in to the permission request dialog. Do
not immediately redirect them into a permission request dialog without
an explanation.
For cases where someone has granted some permissions but not others,
only prompt for missing permissions at the point at which they are
needed. For example, if your app contains functionality which creates
an event on behalf of a person, only prompt for create_event
permission whenever they choose to add the event to Facebook.
Unless the permissions you are requesting in the login dialog are
critical to the functionality of your app and a feature doesn't work
without them, let people continue using your app without the
permissions.
Well i want to allow Facebook login on my site. I have created the API and user's can login to the website. But for the first time a pop up comes to the users asking for Permission.
https://developers.facebook.com/docs/concepts/login/login-architecture/
Can i just skip the users from this permission page and directly logs them in.
Thanks
Any person must accept the basic permission for getting their Facebook profile data for use in your website
I'm building a Facebook app with Facebook login via Oauth 2.0. Will it be possible to request more permissions (scope) from the user in the future as we add features or do we need to request them all up front?
Anyone implemented this with Facebook Connect?
From my experience, you can add permissions later and it'll prompt the user to accept those permissions. For my app, I started with just basic/email permissions and then added photo... and it would prompt for the photo.
You can call Facebook's permissions api (https://graph.facebook.com/me/permissions?access_token=...) to see if the user has authorized the permission you will need (perhaps they later when in and revoked part of your apps permission but not all of it). If they did, or you just later need different permissions, just show the authorization link like you did the first time with the additional permissions listed in the url (&scope=email,read_stream...) and it will prompt them for those.
I am using facebook PHP SDK and using that I can able to make request to facebook and get the expended permission from user. After user granted extended permission, anytime user can remove our application or revoke certain granted permission from their settings page, but there is a call back url for facebook to notify, so that and we can track who has removed our application, Suppose some one revoke certain granted permission instead of removing application, How facebook notify us to trace which permission has been revoked by the user?
Is there any other way our app to get to know, what are the permissions user has granted?
Thanks.
-Ravi
You can check if user gave some particular permission with users.hasAppPermission
How do I make an app that doesn't ask for permission when you load it?
Or is that impossible? The only thing the application does is post to the user's wall, but can't I authenticate for that after they load the application?
You can, not sure why others are so positive that it is not possible.
On your server side you can check through facebook api if current user granted you required permission. If not, pass some flag to your fbml where you can display permission prompt link:
Would you like to <fb:prompt-permission perms="publish_stream">allow us</fb:prompt-permission> to post on your wall?
You are not obligated to require users to authorize your app either (but you need authorization before checking for granted permissions or retreiving any user information), you can still allow users to use your app. In fact allowing users to use an app without authorization is even encouraged by facebook recommendations. For optional authorization you can put such fbml on your page:
<fb:if-is-app-user>
<fb:else><a href="http://www.facebook.com/login.php?api_key=...&v=1.0>Would you like to authorize this app?</fb:else>
</fb:if-is-app-user>
If you want to post to their wall via a prompt instead of requiring prior authorization, you should use the connect library. Then you can use some javascript to open the dialog.
In fact, another SO question gives you exactly what you need.
Or is that impossible. The only thing
the application is going to do is post
to the users wall, but can't I
authenticate them for that after they
load the application?
To publish content to users' walls, you need to have the steam_publish permission from them first.