Possible bug with test users and page access tokens - facebook

Possible Facebook bug: First I am posting here because for some reason the button to create a bug never appears when I go to https://developers.facebook.com/bugs !
Facebook test users don't behave exactly like real users: If you make a call to graph api fql using a page access token to retrieve basic info for the user like name etc the api returns nothing. The reason why I am using a page access token is because I am making a batch request which requires the page access token. Real users users return the basic info like name with the page access token but test user don't.
Thanks

Related

Auto Posting to Multiple Facebook Pages using Graph API - Auth Issues

I am pulling my hair out trying to understand what Facebook wants me to do to post to a FaceBook Page as a System User that has Admin and Page Privileges to and Owned by our business (We have Facebook Business Manager).
In a nut shell all I want to do is make this call:
https://graph.facebook.com/v2.5/${MyPageID}/feed
What I don't get is the access_token part.
I can generate access tokes for Apps, for Pages but all result in 403 returned from FaceBook. I have gone as far and checking every box available on the generate access token popup on the graph api and still I get 403 "Forbidden" so I am detailing the little I understand of the insanity that is FaceBook Auth in the hope that someone can explain where I am going wrong.
1) To Post as a System User to a Page I have to Create a FB App (I Would prefer just to post direct to the pages and skip the App part, My System User has Admin Access on All pages)
2) To Access the App I need an App Token.
3) To Create an App token I need a User Token.
4) To Create a user token I need to log in to Facebook and have all sorts of permissions on the App. (I can't log in as the System User! FB asks me to login as myself. I am not sure if this breaks the Auth Token generated?)
5) Then there are all sorts of swapping tokens to get a Permanent App token, Another point of potential failure!
6) IF the stars and moon align and you stand on your head the permanent App key can be passed to the above call as the access_token
I don't understand how to link the Pages I want to post to with the App created. Do I have to have 1 App for Each Page?
I have got one page to work, We initially used that App to Auth against the Instant Article Graph API:
https://graph.facebook.com/v2.5/${MyPageID}/instant_articles
I could not use the above token for the /feed url, I had to generate a new token with extra publish permissions and the page published with no problems, however when I change the ${MyPageID} to another page using the same access_token I get the 403.
I tried Creating a new App, I have no clue how they link to a specific page So the App to me seems sort of redundant.
Any help with what I am doing wrong or how I can go about simply posting to various FB Pages with a System User using the /feed api ?
The calls are made form a Spring Boot Java APP using HTTP Posts.
How to get a System User Auth and Page Auth:
1) Generate a User Token for an App (Button above the System User):
https://business.facebook.com/settings/system-users/${System User ID}?business_id=${your_business_manager_id}
System user has Page Admin on each page you need to post to.
App is just an FB app, not sure what it does other that it is a grouping I generate a token against.
I chose: (manage_pages, publish_pages, publish_actions, pages_manage_instant_articles, pages_show_list)
2) Check your access token:
https://developers.facebook.com/tools/debug/accesstoken/?access_token=${The access token you got from the step above}&version=v2.12
This will provide you with the App ID the Token is for and how long it lasts (we need a Permanent token)
3) Using Graph API Explorer gets the Accounts this token has access to:
https://developers.facebook.com/tools/explorer/${Your FB APP ID}/?method=GET&path=me%2Faccounts&version=v2.12
4) Using the output above find Page Auth for each page you wan to publish to
5) Post to each page in turn:
https://graph.facebook.com/v2.5/${MyPageID}/feed

Facebook Application Token

I create a demo application to request photos from facebook. I created an application token like this : 549933848476397|4a584ce5fda19cba2ed6630ed78ba8f4. But when use this request URL https://graph.facebook.com/1417833425116725/photos?access_token={app_id}|{app_secret}. It's does not work. Please help me. Actually When I use user token for this request, It's work ok.
If the Page is restricted somehow (age, location), you can only use a User or Page Access Token to get data like photos of the Page. The App Access Token got no relation to any User, so Facebook canĀ“t detect if the User is even allowed to see the Page.
I am 100% sure the Page is restricted btw, you get an "Unsupported get request" error when trying to access the Page ID directly with the Graph API, and that usually happens when the Page is restricted.
Just try another Page with that exact same App Access Token, for example:
/bladauhu/photos
...works without any problem. Another sign that your Page is indeed restricted.
TL;DR: For this specific Page, you MUST use a User Token or Page Token.

Facebook Graph Api access Alcohol Related Page

I am looking for a solution to fetch the feeds of an alcohol-related/age-restricted Facebook Brand Page by a website or back-end service to show these infos in that website for any user.
i.e: https://graph.facebook.com/JimBeam
The standard call results with an error or false.
I know the reason is the age-restictrion because of the relation to alcohol.
If I am connected to Facebook and add an access_token (user-token or page-token) to the request, I get everything I need, but it doesn't work if I am not connected.
If I request the page-token with offline_access, it also does not work when I am not connected to Facebook.
I am a bit confused with all this token types, offline_access, permissions and so on.
Is possible to get the fb-graph-feed of an age-restricted page and load that into a website?
To get an age-restricted feed you need to have a user access token that meets the criteria for the page. So if a user is visiting your site, they will need to authenticate your app, and then you can use the resulting access token to pull information to your website from that restricted page.
You should not be using a user's access token to display content to another user who does not meet the restrictions on the Facebook page.
An added problem is that Facebook does not expose a page's restrictions via the API, so you can't tell if a user has permission to see the page until your API request returns no data.

2 different types of user facebook access tokens?

I have set up a facebook app so people can post stuff from my site directly to facebook using the graph api.
I request offline access and manage_pages so that they don't have to be logged in to facebook, but just to my site.
I also have set up the ability to post to a fan page they are managing directly from the site.
both those things definitely work because i have a fan page and i authorized it on my site and am able to post stuff to it directly from my site.
the problem is that when i send the access token to facebook /accounts?access_token=XXX, nothing is being returned for some users even if they are definitely managing (they sent me a screenshot showing they were the manager of the page)
looking at the access tokens i noticed that mine looks like (this is fake):
200785063253279|561ec27497172e3ddvs32dsc.1-10002342352350235|kB2_OoBtsgscsVW2mKMijfNdvb0
while the users in question have an access token like (again - fake):
AAAC2nOrFTH0BAJjMgS3h22ADhirwsfweRT35235LGcZCGisrefwae5tSF535DGlLKJOIBMnrMnI324sfasdSFOIjo325sIigfWOE1aNbvd8wAZD
I can't help but notice the vast difference between the two. is there a reason? is that why i am not getting any page info when i send the request to facebook?
Any help is appreciated!
The first Access Token is the old access Token format and the second Access token is the new Access token format.
This new format was announced a year ago:
https://developers.facebook.com/blog/post/497/
And rolled out last September:
https://developers.facebook.com/blog/post/2011/09/09/platform-updates--operation-developer-love/
Any new Access tokens you get from the system will be of the new format.

Facebook Graph API - Get all pages and APP manages

Is there a way to query for all access_tokens or page_ids that an app has access to? Instinctively I thought I could do me/accounts?access_token= but it looks like it returns all the pages I have access to, not necessarily the ones the app is authorized to manage.
So I know I can check for an access token by calling each page and passing my page access token aka: <graph>/page_id?access_token=xxxx&fields=access_token
I saw that most of these tokens are also in me/accounts but I really am trying to get the view of what pages an APP is managing. That make sense?
Preferably I am looking for a way to get page_id's+access tokens but I would be willing to settle for a graph call that returns all page_ids that I manage, and I will manually query each one.
Do all accounts that I have access to via an app, also show up in my me/accounts?
Any suggesitions ?
So my issue was me/accounts was skewed because I granted permission to the app to "manage pages." As a result any app that am admin for will show up in the me/accounts?access_token=.
Your options for geting access tokens are:
me/accounts?access_token=<app_token>
/page_id/?fields=access_token&access_token=<app_token>
is this a page tab and you want to query what pages it is installed to? Or are you saying your app has asked for the accounts permission and you want to know what it can post to? If the latter I think you should be able to post to all pages associated with the account. This should return the page_id and the access_token
https://developers.facebook.com/tools/explorer/?method=GET&path=me%2Faccounts