I ask for read_stream permission in my app. But the users can ignore that request. How can I check if the user gave me the permission?
I want that permission to be required in order to use the app.
I'm using PHP SDK
If you do this:
$facebook->api('USER_ID/permissions','GET');
You'll get the permissions the user has granted to your app
You can find more info here:
https://developers.facebook.com/docs/howtos/login/handling-revoked-permissions/
Related
I'm trying to call
/v2.9/{comment-id}/private_replies
(https://developers.facebook.com/docs/graph-api/reference/v2.9/object/private_replies) but always get the following error:
(#200) Requires read_page_mailboxes permission to manage the object
I'm using a test version of the app. The user submitting the comment is an administrator of the app. From my understanding, if the user is an administrator, the permissions wouldn't need to go through the review process just for testing/developing? read_page_mailboxes is not yet a confirmed permission for the app.
Any ideas what the problem could be?
Answering my own question: The problem in the end was that the access token didn't include the read_page_mailboxes permission. I had to manually create a page access token that includes it.
I initially created the token here: https://developers.facebook.com/apps/{APP-ID}/messenger/ but that doesn't seem to add the necessary permission.
See here on how to create a permanent page access token: https://stackoverflow.com/a/43570120/769726
The permission doesn't need to be approved by Facebook while you're still in development.
User_friends is a default permission.
I have tried to remove for the application but the only thing that I realize is that I remove just for one user for me using:
delete user-id/permissions/user_friends.
I would like that my app to never ask this permission for all the users.
So please tell me how to proceed:
what to use at Access Token
what is the query
In API V2.0 and higher there are no default permissions other than basic_info.
Although user_friends is approved by default, unless you're including it in your app's login code, user_friends won't be part of the permissions new users are prompted to accept
I'm working on an old facebook application and we had to migrate from graphApi v1 to v2.
I delete the publish_stream permission (no longer exists) but users cannot login to the application we have this error :
An active access token must be used to query information about the current user
It still works for admin users... I don't understand what's happening
Any ideas?
Thanks
Did you have a look at
https://developers.facebook.com/docs/apps/api-v1-deprecation
I guess you're requesting extended permissions, and did not go under the Login Review process:
Require Login Review for all apps that use Facebook Login and ask people for permissions other than email, public_profile or user_friends. Any permissions that haven't been reviewed and approved will no longer show in the Login dialog and apps can't access, ask for, or be granted them.
I want to get /{user-id}/feed from another user (user B) rather than "me" (user A), but the query returns an empty list.
I'm using the Graph API Explorer to make the queries, and I've got the Access Token with user_posts, user_status and read_stream permissions, but I can't get this information.
In this thread is said that:
Additionally the queried user needs to grant the app the read_stream permission.
In this other thread they said:
If the user is your app user authorized with read_stream permission, then you access the USER_ID/feed. It's because USER_ID/feed endpoint only available if user give permission read_stream to your app. App Access Token is not allow.
If the user is not your app user with read_stream, then you access the USER_ID/links instead. It's because no read_stream permission require to access this endpoint. App Access Token is not allow.
MY QUESTIONS:
Do I really need this other user (user B) to grant this permission to access his feed?
Where can I find official documentation saying so?
As /{user-id}/links seems to be accessible, are posts, statuses or tagged accessible too, or I just can access links without User B granting this permission?
Note:
Since the purpose is to use it in and iOS and Android App I can't use the read_stream permission, so I would use the user_posts which is supposed to be valid as they say in https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed
>
Of course, why would anyone want your App to access his newsfeed without his authorization? Keep in mind that not only the user would be able to access the feed of his friends, but the App too - which means, it would be easy for the App developer to get access.
Should be clear with number 1. Why would there even be a permission if you could just grab the feed from another user with it?
You canĀ“t get ANY data from a user without his authorization, for privacy reasons. Friend permissions are gone.
I am using facebook PHP SDK and using that I can able to make request to facebook and get the expended permission from user. After user granted extended permission, anytime user can remove our application or revoke certain granted permission from their settings page, but there is a call back url for facebook to notify, so that and we can track who has removed our application, Suppose some one revoke certain granted permission instead of removing application, How facebook notify us to trace which permission has been revoked by the user?
Is there any other way our app to get to know, what are the permissions user has granted?
Thanks.
-Ravi
You can check if user gave some particular permission with users.hasAppPermission