I would like to get the photo urls from the from this album:
https://graph.facebook.com/175758929145317/photos
If you access it without providing an access token, then you will get empty data:
{
"data": [
]
}
But if you first generate an access token here:
http://developers.facebook.com/tools/explorer?method=GET&path=175758929145317%2Fphotos
And then you append it to the url like this, you can get the data:
https://graph.facebook.com/175758929145317/photos?access_token=your_access_token
However, this access token cannot be used forever, it will expire.
I would like to dynamically take the photo urls from https://graph.facebook.com/175758929145317/photos and display the images on a webpage, the person who views this webpage does not need to have a facebook account.
So every time the webpage is viewed, I am thinking about if it's possible to simply use my facebook account to login (by hardcoding the email and password) and then obtain a new access token so that I can get the photo urls.
Is this possible? Or is there a better solution to my problem? (I cannot ask the album owner to change his album to public)
it's not possible, you cannot authenticate in FB using hardcoded (or stored) login/password - as per Facebook policy:
I. Features and Functionality
...
3 - You must not include functionality that proxies, requests or
collects Facebook usernames or passwords.
what you can do instead:
Get (and then extend) token for yourself (see scenario 4 in this document: https://developers.facebook.com/roadmap/offline-access-removal/). That extended token should be good for 60 days - and then you might be able to extend it again.
Try to get those photos using APPLICATION token - and if it works, then the token is good forever: https://developers.facebook.com/docs/authentication/applications/
Related
So I am building a restaurant app and one of the features I want is to allow a user of the app to see photos from a particular restaurant's Instagram account.
And I want a user to be able to see this without having to login to their Instagram account, so they shouldn't even need an Instagram account for this to work.
So I have read this answer How can I get a user's media from Instagram without authenticating as a user?
And I tried what it said and used the client_id(which I recieved when I registered my app using my personal Instagram account), but I still get an error back saying :
{
meta: {
error_type: "OAuthAccessTokenException",
code: 400,
error_message: "The access_token provided is invalid."
}
}
The endpoint I am trying to hit is :
https://api.instagram.com/v1/users/search?q=[USERNAME]&client_id=[CLIENT ID]
So do I absolutely need an access token for this to work(and thus have to enforce a user to log in) ?
If I do, then is there way to generate an access token somehow without forcing the user log in?
I believe there is a way around this, as the popular dating app Tinder has this desired functionality I am looking for, as it allows you to see photos from people's Instagram account without having to log in! (I have just verified this 5 minutes ago!)
Any help on this would be much appreciated.
Thanks.
Edit April 2018: After facebook privacy case this endpoint is immediately put out of service. It seems we need to parse the JSON embedded in <script> tag directly within the profile page:
<script type="text/javascript">window._sharedData = {"activity_counts":...
Any better ideas are welcome.
You can use the most recent link
GET https://www.instagram.com/{username}/?__a=1
to get latest 20 posts in JSON format. Hope you put this to good use.
edit: other ways aren't valid anymore:
https://www.instagram.com/{username}/media/
Instagram used to allow most API requests with just client_id and without access_token, the apps registered back in the day still work with way, thats how some apps are able to show instagram photos without user login.
Instagram has changes the API specification, so new apps will have to get access_token, older apps will have to change before June 2016.
One way you can work around this is by using access_token generated by your account to access photos. Login locally and get access_token, use this for all API calls, it should not change, unless u change password,if it expires, regenerate and update in your server.
Since the endpoints don't exist anymore I switched to a PHP library -
https://github.com/pgrimaud/instagram-user-feed
Installed this lib with composer:
composer require pgrimaud/instagram-user-feed "^4.0"
To get a feed object -
$cache = new Instagram\Storage\CacheManager();
$api = new Instagram\Api($cache);
$api->setUserName('myvetbox');
$feed = $api->getFeed();
Example of how to use that object -
foreach ($feed->medias as $key => $value) {
echo '<li><img src="'.$value->thumbnailSrc.'"></li>';
}
Ok, so what I am trying to do is a bit odd, so I can't find anything that gives me even a remote idea about how to do this.
I need to access my personal profile posts:
FB.api("/" + myPersonalUserId + "/feed", {limit: 5}, function(data){
console.log(data);
// do stuff with my user info
});
in order to display them on my personal webite, similar to a dynamic blog. But I want it to automatically retrieve these posts without my having to be signed in on each computer that wants to view my site.
Before you get sidetracked on the init, I am using an app and app id that my personal user account has verified access to all permissions.
I know it will require the use of an access token, but how do I get a valid access token without being logged into that computer?
Honestly, I'm starting to question if it is even possible, but if anyone knows how I could accomplish this, that would be awesome!
The best way to achieve this is to just cache the data in your own database and refresh it whenver the user uses your App again.
If that´s not good enough, you have to generate and store an Extended User Token. How to create one is explained in the docs:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
Extended User Tokens are valid for 60 days, there is no User Token that is valid forever. And you should never use Tokens directly on the client, because some user could just copy it from the source. Tokens are meant to be secret, so use it on the server only. You don´t need to use the PHP SDK, a simple CURL call to the Graph API will do it:
https://graph.facebook.com/[your-app-scoped-id]/feed?access_token=[extended-user-token]
Ok, so I found a solution similar to the one above, but offers a permanent access token.
first, build a url:
url = 'https://graph.facebook.com/v2.5/' + {app user Id, not public Id} + '/feed';
url += '?access_token=' + {app Id} + '|' + {app secret};
url += '&fields=id,name,message,full_picture,created_time'; // these scopes should be approved by corresponding user
url += '&limit=5';
then run it by calling a simple ajax request. These variables should be served from the server through ajax, not hardcoded on the client
I'm trying to upload photos to a specific album of the authenticated Facebook user. But the photo does not appear in the album. It appears in a new album named '"appname" Photos'. I'll try to describe my way as complete as possible - maybe this helps you out there to find my mistake.
I'm not using any Facebook or third party SDK. The project programming language is C# (if it matters).
First of course, I'm getting an access token, by sending the user to the following URL:
https://www.facebook.com/dialog/oauth?client_id={0}&redirect_uri={1}&response_type={2}&scope={3}
{0}: The client ID: my application ID, as provided by Facebook
{1}: The redirect URI, set to 'https://www.facebook.com/connect/login_success.html', as I'm working on a desktop application
{2}: The response type: 'token'
{3}: The scope - all the privileges I'm requesting. This is a comma separated list of the following items:
manage_pages
email
user_about_me
user_photos
user_videos
publish_actions
publish_stream
user_likes
user_activities
user_groups
photo_upload
video_upload
The list of privileges is not only meant for the photo upload.
The login and it's implementation works quite well, so that I get an 'access_token' and an 'expires_in' field in the answer.
If I don't have it already saved, I'm getting the user ID of the authenticated user represented by the access token. This is done by a simple request to:
https://graph.facebook.com/me?access_token={0}
{0} is the acquired access token
This also works quite well and I get a positive response with name, e-mail etc. and the user ID.
Next Task, get the list of albums the user associated with the acquired access token and the user ID. This is done by a FQL query:
SELECT aid,can_upload,created,name,description FROM album WHERE owner={0}
{0} is the user ID
The FQL query is executed by calling this URL:
https://graph.facebook.com/fql?q={0}&access_token={1}
{0} the query from above
{1} the access token
Again, this works quite fine - I get the requested fields back. The 'aid' values are used as album IDs later and are in the format 99999999_999999999 (numbers with an underscore somewhere in the middle). I only use albums that have the can_upload flag on "true".
Now, I hope I have all the information I need to publish the photos.
I create a POST request, multipart/form-data, to this URL:
https://graph.facebook.com/{0}/photos?access_token={1}
{0} is the 9999999_999999 album ID
{1} is the access token from the login
The request consists of two fields: 'source' contains the photo's binary data, 'message' the caption.
The request succeeds. No problem detectable for me.
But when I now visit the Facebook user page, the photos are not in the selected album, they are in an extra album named '"appname" Photos'. The caption is set correctly.
What must I change to bring the photos directly to the desired albums?
The aid is not the ID you should be using when you do the upload. This is not obvious from the Facebook docs - but you should use the object_id column as this represents an object on the Graph API.
So, change your FQL query to:
SELECT object_id,can_upload,created,name,description FROM album WHERE owner={0}
The object_id is just a number - not two numbers separated with an underscore. So make your post to:
https://graph.facebook.com/{0}/photos?access_token={1}
{0} is the 9999999 object ID
{1} is the access token from the login
Note that you only need user_photos permission to upload photos. But without publish_stream permission they do not appear in the user's album straight away - instead, when the user browses to the album they will see this:
Once they click approve they will appear in the album. If your application has publish_stream then they will go straight into the album and the user will not need to approve them.
The rest of your code should be correct.
The redirect URI, set to
'https://www.facebook.com/connect/login_success.html', as I'm working
on a desktop application
I'm not clear how you are getting USER'S access token in this case. To me it looks like you don't get it but instead you are using your APP'S token - that's why weird album name. Can you double check in Token Debugger that you indeed use user's token?
I have similar workflow for one of my windows forms app - but I do redirect user to localhost - that's where my WCF service is listening and acquiring user's access token from.
I'm trying to get review/rating from certain place whos fb page can look like this i.e :
https://www.facebook.com/pages/Dell-Rheas-Chicken-Basket/183254918389428
So id of this place/page is 183254918389428
And you can get the details of this place but not rating/review:
https://graph.facebook.com/183254918389428
I found somewhere on this forum that you could get review from page like this :
https://graph.facebook.com/183254918389428/tabs/reviews?access_token=xxx
But I always get no data :
{
"data": [
]
}
So I'm not trying to get app review/rating but for certain place.
You'd need a page access token to fetch reviews and ratings. Here is a very good short tutorial on getting a page access token: Obtaining page access token.
https://www.facebook.com/dialog/oauth?client_id=<APP_ID>&redirect_uri=<REDIRECT_URL>&scope=manage_pages&state=<STATE>
This will generate you a CODE, use that code in:
https://graph.facebook.com/oauth/access_token?client_id=<APP_ID>&client_secret=<APP_SECRET>&code=<CODE>
This will return you a json response containing short lived user access token.
Next, use the short lived user token to get long lived user token:
https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=<APP_ID>&client_secret=<APP_SECRET>&fb_exchange_token=<SHORT_LIVED_TOKEN>
This will return another json containing the long lived user token, you can now exchange it for page access token:
https://graph.facebook.com/me/accounts?access_token=<LONG_LIVED_TOKEN>
This will return you a json with page access token of the page(s) associated with that user account. Use this page access token to fetch ratings and reviews by passing it to:
https://graph.facebook.com/StoneArmsInc/ratings?access_token=<page_access_token>
And you will get all the ratings posted on facebook for that page.
Hope, this helps someone. :)
The ratings edge has the reviews in it now, but you need to have a page access token to get it.
The end point is documented here:
https://developers.facebook.com/docs/graph-api/reference/page/ratings
Note that to get the page access token you have to use a user token from someone who is an admin of the page. I don't know if that's a problem for you.
The API for Page reviews hasn't been released yet. We are working on it. Please keep checking for the updates here.
Update: API for fetching page reviews can be found here: https://developers.facebook.com/docs/graph-api/reference/page/ratings/
Using the Facebook API, you can get back the post ID of a Facebook share, even if the user has not authorized your app.
The post ID is prefixed by your user ID, and separated by an underscore.
FB.ui({
method: 'feed',
name: 'People Argue Just to Win',
link: 'http://www.nytimes.com/2011/...',
}, function( response ){
// Response gives you :
// { post_id: "[fbUserId]_346759642059572" }
});
To me it looks like Facebook is using this programmatically, rather than with the idea of providing us the userId out of the kindness of their hearts. But it's extremely tempting to use.
I'm a little rusty on permissions - if there is a way to get back all the users that have liked/shared a specific URL, and not just a count, then this should be okay.
But the question remains, is it acceptable to use?
EDIT:
Now that I think about it, you can access the user ID by making an anonymous call to https://graph.facebook.com/[postId] but ONLY if the post was made public.
If you get a response from FB, it means that you have already ask the user for the required permissions,
so yes you can use the data returned from Facebook as you like, but you always have to inform the users how you use those data.
You can only cache user data if you have permission or it is necessary for the function of your app. Using the like button you can subscribe to edge.create and cache the response from the like.
refer to: http://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/
II. Storing and Using Data You Receive From Us
You will only request the data you need to operate your application.
You may cache data you receive through use of the Facebook API in
order to improve your application’s user experience, but you should
try to keep the data up to date. This permission does not give you any
rights to such data.
in my app i store the id of every page or user that is viewed to speed up page load times and count page views. Seems with in the scope of Policy as long as i am not sharing the info with 3rd parties or making public what a user has set to non public.