OAuthErrors when trying to read a Facebook Page's messages - facebook

I am trying to read the inbox and outbox of a Facebook Page. My first approach was to try to directly access the inbox of a page node. The URI below indicates how I tried to get it:
/{page-id}/inbox
Here is the error message:
You can only access the \"inbox\" connection for the current user.
Then I tried to access the conversations and threads edges as suggested in some places like so:
/{page-id}/conversations
/{page-id}/threads
Both URIs produce the following error:
(#298) You must be a developer of the application
I couldn't figure out what is wrong at all? There are some bug reports to Facebook, related to "#(298)", which were reported a few months ago but I can't believe it hasn't been fixed so far.
Any alternative approach is welcome.

This problem happens if you use a user access token instead of a page access token.
I was doing this in the Facebook Graph API Explorer and I thought I was using the page access token but I wasn't. When I ran {page-id}/conversations?access_token={page_access_token} from the API Explorer, it had the {user_access_token} in the Access Token field at the top. This was being sent in the actual request that the Explorer sent (as seen in Chrome's dev tools). I.e., the API Explorer was ignoring the {page_access_token} I entered and was using the value in the Access Token field.
Clearing the Access Token field or entering the {page_access_token} in that field resulted in the intended {page_access_token} being sent. Doing some of the steps in the browser vs the API Explorer showed me the way.
These are the steps to resolve the issue:
Get a user access token: with manage_pages and read_page_mailboxes permissions* by clicking Get Access Token from the API Explorer and selecting the specified permissions or visiting the URL below.
https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&request_type=token&scope=manage_pages,read_page_mailboxes
Get a page access token: by running /me/accounts from the API Explorer or by vising the URL below.
https://graph.facebook.com/v2.0/me/accounts?method=GET&format=json&suppress_http_code=1&access_token={user-access-token}
Get conversations: Use the page access token (paste it in the Access Token field if using the API Explorer) from the above step to get conversations** by running /{page-id}/conversations or by vising the URL below.
https://graph.facebook.com/v2.0/{page-id}/conversations?method=GET&format=json&suppress_http_code=1&access_token={page-access-token}
* read_mailbox permission is not required, contrary to what I said in my comment above. Actually, the error message was incorrect, attempting to access Page edges with a user access token incorrectly gives user access errors instead of invalid Page access token errors.
** The user must be an admin of the Facebook Page to access its conversations.

Related

Facebook Application Token

I create a demo application to request photos from facebook. I created an application token like this : 549933848476397|4a584ce5fda19cba2ed6630ed78ba8f4. But when use this request URL https://graph.facebook.com/1417833425116725/photos?access_token={app_id}|{app_secret}. It's does not work. Please help me. Actually When I use user token for this request, It's work ok.
If the Page is restricted somehow (age, location), you can only use a User or Page Access Token to get data like photos of the Page. The App Access Token got no relation to any User, so Facebook canĀ“t detect if the User is even allowed to see the Page.
I am 100% sure the Page is restricted btw, you get an "Unsupported get request" error when trying to access the Page ID directly with the Graph API, and that usually happens when the Page is restricted.
Just try another Page with that exact same App Access Token, for example:
/bladauhu/photos
...works without any problem. Another sign that your Page is indeed restricted.
TL;DR: For this specific Page, you MUST use a User Token or Page Token.

Facebook Access Token is Expired using Facebook SDK PHP

I am trying to link my application to a facebook user account but every time I go through the process of retrieving their profile I get this error:
string(140) "{
"error":{
"message":"An active access token must be used to query information about the current user.",
"type":"OAuthException",
"code":2500
}
}"
The reason I am confused is that when I initially request an access_token from facebook it return a token for me.
string(56) "access_token={app_id}|{app_secret}"
Which I am then told is expired and I don't know why.....
I understand in order to get an access token you must follow a particular workflow.
Client Requests access and permissions via SDK and Login Dialog.
User Authenticates and approves permissions
Access token returned to client
Graph API calls with short-term access token (web) or long-term access token (native mobile)
Based on what I've seen in my code, I get to step 3 but step 4 fails because the token is said to be expired. Does anyone have any idea what I can do to fix this!?
I notice that for step 1 the login dialog is never shown but I still get an access code returned despite this. Could that be something to do with it? This is the way I perform step 1.
<a class="lists" href="https://graph.facebook.com/oauth/authorize?client_id=564083793722908&redirect_uri=<?=urlencode($facebook_callback_url)?>&scope=offline_access,publish_stream,status_update">Connect a Facebook account</a>
Step 2. never seems to occur
Step 3. An access token is returned though. See above.
Step 4. Fails with the above error of expiration.
Any advice?
You cannot request user information with an app access token. You need a usser access token to do that. Your Login process needs to adhere the docs at
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.1#login
to get a user access token. Apparantly, this is not the case with your code.
Furthermore, you're only using permissions which are (long) deprecated. See
https://developers.facebook.com/docs/facebook-login/permissions/v2.1#adding
https://developers.facebook.com/docs/facebook-login/permissions/v2.1#reference

Facebook API error : (#210) Subject must be a page

I am trying to delete an application tab from a facebook page.
According to the documentation, I should issue a DELETE request to "https://graph.facebook.com/PAGE_ID/tabs/app_ID" with a "manage_pages" access token, but when I do so I get the error "(#210) Subject must be a page."
I have requested the user for "manage_pages" permission and I have the correct access_token (GET Method works perfectly to show all the details).
The exact request is:
https://graph.facebook.com/270936169730418/tabs/app_533644953422033 (with an access token)
Does anyone know what am I doing wrong??
P.S I am using JS SDK and also trying to do this in the graph api explorer but results are the same.
The problem is with the access token. When using the Graph API Explorer (and checking "manage_pages") you might think that the access token showing at the top is a page access token. It is not.
You need to do GET /me/accounts
Then find the page you want and there is an access_token. Copy this and paste it into the Access Token input field at the top. Now do the DELETE [PAGE_ID]/apps_[APP_ID] and it will work.

Suggestions on a website that uses Facebook's Graph API

I'm trying to build a website with the following requirements. I need help to see if it's possible at all. This website has a regular login (not Facebook). Upon being logged in, the user has the option to "attach" his facebook account. At this point I save the return user id in the DB. Then, I tried on another computer the following Facebook Graph API call with this user id but it said:
Fatal error: Uncaught GraphMethodException: You can only access the "home" connection for the current user. thrown in /home/public/vendor/facebook/php-sdk/src/base_facebook.php on line 1294
The call:
/{user-id}/home
Appreciate help.
According to the error message you're trying to call /{user-id}/home but are using an access token from a different user -
You can't fetch another user's news feed, only the current user of your app, using their access token
Try {user-id}/feed. If you are not using the accessToken that was generated by the facebook API on the "attach" time, you will be able to get only the public feeds/data. Using the access token that was generated at the "attach" time, you will be able to get data for your app permissions.
About access token
https://developers.facebook.com/docs/facebook-login/access-tokens
How to use the graph api
https://developers.facebook.com/docs/graph-api/using-graph-api/v2.0

Facebook Login As App, access token doesn't work

I am trying to get events from a Facebook page via Ajax.
But there should be no login process for user. For this reason I am trying to implement "Login as an App" by following the the documentation on this page.
I am getting the access token correctly by
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET
&grant_type=client_credentials
However when I try to query Facebook Graph API with this access token I am getting an empty result set.
This is an example request;
https://graph.facebook.com/FAN_PAGE/events?access_token=ACCESS_TOKEN
I know the result set should not be empty because the same request with Graph Explorer returns the correct values.
Even a request like https://graph.facebook.com/FAN_PAGE/events?access_token=ACCESS_TOKEN_FROM_GRAPH_EXPLORER works correctly.
Any idea on whats going on? How can I get this to work correctly?
Actually the reason was not about the access token. The reason is that the page I want to get the events for is restricted. This works fine for unrestricted pages.
After a little research I found out that to read a restricted page's events (or posts etc.) you need a user access token. You get this by asking the user. (at login flow)
The other solution to get this data without prompting for a login is to get "page access token". You can generate a page access token by following this link.
And more on Access Tokens