I have created an app. It does not prompt users to Post on Wall permission, after the GO to App popup. I have given the following settings for my app in developer account.
User & Friend Permissions: email,user_activities,user_likes,publish_actions
Extended Permissions: publish_stream,read_stream,offline_access
When i click a "Preview Login Dialog" link, it shown the following rights in "GO to App" popup.
THIS APP WILL RECEIVE:
Your basic info
Your email address
Your activities
Your likes
But, when i access the app at the first time, it shown the following rights alone.
THIS APP WILL RECEIVE:
Your basic info
Due to this, i could not post on well. I have checked.
Similarly, i have checked user's app setting page.
User account has no option like the below.
* Post on your behalf
* Access posts in your news feeds
What is wrong? I spent more than 3 hours to find out.
Be sure that you have expected permissions set in the scope parameter of method invoking the login dialog:
FB.login(function(response) {
// handle the response
}, {scope: 'email,user_activities,user_likes,publish_actions,etc...'});
And just in case, to be sure that you will have needed permissions before doing something that needs them, try handling revoked premissions, as I pointed here.
BTW, be sure to request only permissions your app really needs. You can scare users with so many permissions. ;)
Related
I want to share some url to facebook, here is the code
FB.ui(
{
method: 'share',
href: "http://SomeWebPage"
},
function (response) {
});
On documentation of the Share Dialog written that response data
Only available if the user is logged into your app using Facebook and
has granted publish_actions. If present, this is the ID of the
published Open Graph story.
Lets say that user not logged in to Facebook and click on my share button
what i am see is that
The user about to login my app "Pay oneerDev"
But were exactly publish_actions mentioned above are defined?
How user agrees this action?
Then when user shares i get "[]" as a response data all the time instead of some id, there is no way to know if user actually shared or cancelled or some error occurred.
For publish_actions, you would need to implement Login, and you would need to go through Login Review with that permission before it´s available for everyone. Just to know if something was shared or not will definitely not get that permission approved, because Share Gating is not allowed according to the platform policy:
4.5: Only incentivize a person to log into your app, enter a promotion on your app’s Page, or check-in at a place. Don’t incentivize other actions.
Btw, in order to make the Share Dialog work, the user just needs to login to Facebook - NOT your App. Make sure you understand the difference.
Is there a way to mark a scope such as publish_stream as required in Facebook OAuth2?
Currently a user can skip the permission and that results in a non working app in my example.
No you cant do that, in fact facebook asks to check for the extended permissions before performing any related action.
You can any time check for the permissions a user has granted with the API- /me/permissions. Check out- Graph API Explorer
There's no way to "require" extended permissions such as publish_stream as far as I know. Facebook has some docs about how to handle those cases where the user only gave some permissions:
https://developers.facebook.com/docs/facebook-login/permissions/#handling
Quote:
If a person declines the login dialog have a clear and upfront
explanation about why you are requesting each permission. Then let
them click or tap to opt back in to the permission request dialog. Do
not immediately redirect them into a permission request dialog without
an explanation.
For cases where someone has granted some permissions but not others,
only prompt for missing permissions at the point at which they are
needed. For example, if your app contains functionality which creates
an event on behalf of a person, only prompt for create_event
permission whenever they choose to add the event to Facebook.
Unless the permissions you are requesting in the login dialog are
critical to the functionality of your app and a feature doesn't work
without them, let people continue using your app without the
permissions.
Facebook sent an attention alert about the permission the App is requesting:
Permissions
Your app asks for read and write permissions at the same time. You should only ask for write permissions when a user tries to share something to Facebook. Please update your app accordingly. Read our best practices for more details.
In fact during authentication App is requesting those permissions:
read_friendlists, publish_stream, offline_access, email
But App is not using FB login so according to second point of this section "Publishing permissions", we can ask for both read and write permission:
https://developers.facebook.com/docs/facebook-login/permissions/#publishing
In this situation, can the Alert be ignored?
The "problem" with your request is the read_friendlists permission, the guidelines in case of non-facebook login says:
In this case, make sure that the only read permissions you request are
public profile and friend list.
Also the offline_access han been deprecated and not useful anymore
So you should ask for read_friendlists in a separate request, the alert does not affect the functionality of the app but maybe it will affects other things like quota or apps store.
Hope this helps
I´ve written a facebook connector app which should request some permissions.
When I click the preview login dialog button in the applications edit menu all the permissions are listed but when I open the login dialog from my website only the standard permissions (general user information) are requested. I´ve already saved it several times and waited for hours but it doesn´t work.
Am I doing anything wrong or did I just discover a bug or something?
Thanks.
The permission settings in your Facebook application configuration only apply to auth dialogs from the Facebook app center. You need to specify the permissions you want when you are opening the login dialog from your website. For example, if you're using the Javascript SDK's FB.login to do login, you will need something like
FB.login(function(response) {
// handle the response
}, {scope: 'email,publish_actions'})
Pay particular attention to the scope parameter.
I would like a new user of my canvas app to grant the "friends_online_presence" permission.
On the FB manual page, this permission is listed among the "User and friends Permissions" which should appear on the first page of the registration dialogue and should be non-revocable.
However, Facebook does the opposite - it redirects the user to the second page of the dialogue, where this permission is optional for the user.
If I try to make registration with other permissions from the list (i.e. friends_likes), it works as supposed - the permission is requested as non-revocable on the first screen.
Am I doing something wrong or this is actually a bug in their documentation?
Thanks!
Probably a bug in their documentation. You can however, check to see which permissions the user accepted. If you find they allowed your app, but not the friends permissions, you can give the user a specific screen telling them they can't use your app.