This is my first post in this facebook's stackoverflow forum. My background is on wireless baseband prototyping on FPGA platform and do not have any prior experience with facebook development. Now i have a chance to work on social network related development work and i'm quite excited. Anyway above is just my background introduction.
Here i want to create a virtual Facebook user. Imagine you are interacting with your refrigerator on Facebook. This is the kind of concept we want to show.
Following are the functionality i would like to have at my virtual's facebook account..
1) recognize real friend check-in and messages posted on his/her wall.
2) ability to write messages on real friend's wall.
3) recognize messages posted on virtual account's wall.
4) ability to write message on virtual account wall.
How can the virtual account be equipped with such functionalities? Can i achieve by writing a facebook application? Please advise the direction i should look at.
Cheers,
Phone Naing
The facebook api lets you query their graph but it requires an access token to do that.
There are 3 main token types: User, Page and App.
Your app would be able to get an app token easily but it's limited to public data only, like data of public pages.
For a page and user tokens you'll need the actual user to interact with your app in order to get the token.
You can get the friends check-ins, feed, images, events and so on by asking for the right permissions from the user (there are user permissions and friends permissions).
You can also post to friends wall with the "publish_stream" permission.
For "recognizing" posted items on a user wall you can either recheck the user feed every once and a while and compare what you had and what you get or use the Real-time Updates.
With all of that said, I seriously doubt that you'll manage to pull something like that with the current limitations of the facebook api.
Let's start with the fact that facebook does not like profiles to be "vritual", they want the profiles to be of real people.
Of course that there are plenty of virtual profiles but they can remove them (and sometimes do).
Even if you do have these virtual profiles, since they are virtual they won't interact with your application using facebook, that is won't be logged in to facebook via their channels (web interface, android or iOS, etc).
Because of that you won't be able to get a user access token which you need for all of the information you want.
Since the deprecation of the offline_access permission there's no way to have a token which is valid for a user for more than about 2 months, which means that for each "virtual user" you'll need to log him in to facebook and then interact with your app to get a new token.
You can create a page instead of a virtual profile, which will also be fine with facebook.
But here again, you need a user to actually interact with facebook and your app to get a valid page access token, and even if you get that, it's not enough for the data you want to ask for.
To put it all together:
I think it can't be done.
Related
I have a facebook user who is the owner of the company I work for. He has a single Facebook page, which is the "company page" on Facebook. He created a FB "app" with permissions "manage_pages" and "publish_actions". So the FB api can post to his FB Page, on his behalf, as the app.
Inside the company, we have a few hundred people that use an intranet-based software app. When the users engage in a certain function in the software, the code uses the Facebook API to post a message to the public company page using an access token of the FB account of the company owner. This system works great, but the app is not yet approved, so no one can actually see the posts on the FB page except the company owner.
The software is only available inside the company building, it's not reachable via the Internet. There would be serious intellectual property concerns with allowing an anonymous facebook employee into it. There would be security concerns about making this all public on the web. So I have to presume that FB will not be able to see the backend here - where the posts are created.
So because of this, I've run into problems getting the app reviewed because I have no way to let Facebook reviewers actually see the software where the user creates the post, as they requested.
Is this considered a non-starter setup by FB, or does FB have any contingency for this situation? Or do they expect every FB app to be used in a completely public environment? I'm just thinking surely I'm not the only person trying to use a FB app to post to a company page from a publicly-inaccessible place inside that company?
Thanks!
This was the answer to the problem, thank you CBroe: It is not a matter of approval that makes the app's postings viewable by everybody, but simply of the app still being in development mode.
The actual Facebook gui in the app dashboard doesn't say "development mode" on/off like it used to. It now says "do you want to make this app live to the public". I selected "yes" which made the app's postings viewable by everybody.
In my case, the original confusion stemmed from the fact that we didn't want to make the app live to the public, we only want our one company owner to use the app - so we naturally did not change that setting to "live".
I'm working on a Facebook app that requires a few basic permissions (email, birthday, etc) as well as publish_actions (so I can create stories about user interaction).
When I ask for these permissions, the end user is presented with one screen for the basic permissions and yet another for the publish_actions permission.
However, when I looked at the following app from Amazon:
http://www.amazon.co.uk/gp/socialmedia/promotions/SprngSweep
When I click on the enter button, I am redirected to Facebook to ask for permissions (as expected), however, they have all their permissions one page (Amazon would like to access your public profile, friend list, email address, birthday, photos, videos, personal description, likes and your friends' birthdays and likes. Amazon would like to post on your behalf. Amazon would like to access your data at any time.)
I can't add a picture due to lack of rep
The url that I'm redirect to is this:
https://www.facebook.com/dialog/oauth?client_id=164734381262&redirect_uri=https%3A%2F%2Fwww.amazon.co.uk%2Fgp%2Fsocialmedia%2Ffbr%2Fconnect-handler.html%2Fref%3Dfbr_hn_SprngSweep%3Fie%3DUTF8%26appName%3DAmazon%26externalApp%3DKindle%26onSuccess%3D%252Fgp%252Fsocialmedia%252Fpromotions%252FSprngSweep%253Fie%253DUTF8%2526sm-sweeps_submit%253D1%2526sm-sweeps_submit.x%253D66%2526sm-sweeps_submit.y%253D20%2526sweepsConnect%253D1%2526sweepsEligibility%253D1%26ref%3DSprngSweep%26token%3D6CBF36BD25311891B2F205333EFA3AA78E561AB9&scope=
While attempting to investigate this myself, I noticed that they aren't even passing a value for scope in the url.
How the hell are they doing this?
Most likely they are using an old API (FB changed the behavior over there recently, read their blogs please) or they are using hidden features which FB created for them (as this has an impact on there advertising revenue obviously, and even these guys are "coin operated").
The "two pager" is normal, FB API and FB advertising API quit the same. I wouldn't worry.
As far as I know, you can only tag friends of the account associated with the access_token currently in use. This means that if I want to be able to make an app to share photos on facebook with a tagging functionality, it's mandatory that I make an authentication system, where the user needs to type his password to login on FB and I request and store his sixty_days_access_token. This approach is fine for web apps, but is troublesome if I have to implement a desktop touchscreen interface where the users interact with the system in an environment where anyone can watch him typing his user and password. I'm facing this problem with a public touchscreen, where the users can take pictures and send it to Facebook. The interface is implemented with C++ and the curl library. As the touch is in a very crowded environment and the screen is big, we experienced that the users are intimidated to enter his acc/pass. We worked around this problem by creating a fan page to the event where we store all the photos. As we already have the fan page admin access token stored, we don't need to login the users but clearly we are not able to tag any of the user friends, which vastly reduce the viralization potential of the solution.
So, having this problem in mind, how can I face this?
Do I really need to make an authentication of the users to be able to
tag their friends?
Is there any creative solution?
Yes, if you want to tag a user or their friends in a post, you need them to log in - this is a requirement of the Photo tagging API.
The only alternative i can think of is to give the user a URL they can go to later (e.g. on their phone or PC) which will prompt them to authorise your app and do the tagging at that time.
I have the task to integrate some commercial sharing stuff into a website.
The idea is that the user a) logs in/registers in the website, b) the user connects his user account with his facebook account - by adding and accepting the website application.
Here comes the interesting part - is there a way of linking the facebook account with my website's account so that I can send them updates and promotions directly to their walls programatically?
In the application dialog, it's clearly noted that the user allows the application to write to the user wall so they accept and agree this. Then, for example, if I want to send them a promotion or update directly on their wall using the fb application api, how can I achieve this? All the tutorials I've read consider the user using the Facebook Login
The concrete idea is something like weekly promotion feed that my clients want to allow customers to allow being posted directly on their walls. As I don't have any experience with facebook development, I'd appreciate knowing how, if at all possible, this can be achieved?
Most of what you're suggesting is against policy, and isnt' technically possible either as users need to come back to the app once every 60 days for you to have a valid access_token for them.
The Authentication docs explain how to get access to a user's information with their permission, and the Permission documentation explains which permissions grant access to which functions or fields.
From the documentation it seems that the user should always authorize the Facebook application even to access basic permissions.
However, sites like Rotten Tomatoes and Clicker.com auto-authorize the logged facebook user without showing the authorization dialog. If you visit one of those sites for the first time they will be able to access your public data without you authorizing it. If I go to the Apps on my facebook settings, an entry will appear showing that I gave access to those applications (but I DID NOT).
How can this be possible? Is it related to the "Instant Personalization" feature for selected partners?
Thanks
Well, I was doing some research and yes, it's all about Instant Personalization.
From Facebook:
We've partnered with a few websites to provide you with great,
personalized experiences the moment you arrive, such as immediately
playing the music you like or displaying friends' reviews. To tailor
your experience, these partners only access public information (like
your name and profile picture) and other information you've made
public.
From one of its partners:
Clicker.com
So -at the time I'm writing this- unless you're a partner of Facebook, you'll have to show the old OAuth dialog.
Hope it helps!