When using the requests dialog, facebook issues a notification like this:
What I'm looking to achieve is for the user to click the request link shown above and to present a "Random User invited you to..." message on our App.
However, when clicking that link Facebook doesn't seem to pass through the id of "Random User" to the App. The url accessed by the link looks something like:
http://apps.facebook.com/randomcomp/?fb_source=notification&request_ids=350578327437399,350578327437399&ref=notif&app_request_type=user_to_user¬if_t=app_request
which doesn't contain any reference to the user who initiated the request.
From the App's side, there doesn't seem to be a way to get this information from Facebook. Sure, you can get a list of requests, but that list can contain information for many requests, including requests from other users in addition to the one we're interested in, so it's not useful in this case. For example, here's a snapshot of data:
{
"data": [
{
"id": "340083146057323_100003817986566",
"application": {
"name": "Random Competition",
"namespace": "randomcomp",
"id": "350578327437399"
},
"to": {
"name": "Hannah Smith",
"id": "100003817986566"
},
"from": {
"name": "Random User",
"id": "100002286042525"
},
"data": "100002286042525",
"message": "Use the app!",
"created_time": "2012-05-14T13:26:30+0000"
}, {
"id": "358318457550141_100003817986566",
"application": {
"name": "Random Competition",
"namespace": "randomcomp",
"id": "350578327437399"
},
"to": {
"name": "Hannah Smith",
"id": "100003817986566"
},
"from": {
"name": "Jane Young",
"id": "100003771838663"
},
"data": "100002286042525",
"message": "Use the app!",
"created_time": "2012-05-14T10:54:25+0000"
}],
}
}
As you can see, the data is being passed in, but there's still no way to join the click from the link mentioned above (for Random User) to the correct request in the list; the link passes through the ID for both requests, not just the one for Random User, and while the link states "Random User" it doesn't pass through an identifier.
Am I missing something? Is there a mechanism that isn't in the docs that will allow me to pick-up the "Random User" id so I can provide a nice "Random User invited you to..." message in the App when they click through?
Edit:
Turns out that this isn't possible - see my answer.
You can add some data to the request so that when you process the request you can differentiate that from other requests.
The data can be sent with app requests and users requests and the parameter name is "data".
For example, in the guide for the Requests Dialog you can see it in the properties table at the (almost) end of the document, it says:
Optional, additional data you may pass for tracking. This will be
stored as part of the request objects created. The maximum length is
255 characters
There's also some info about it in the Social Channels documentation, and a sample of (php) usage in the official blog post about Upgrade to Requests 2.0.
I hope that this is what you're looking for.
Edit
When you send the request you know who is sending it right? It's the logged in user, and so you can put the user id/name/etc in the data parameter of the request.
Then, when someone clicks on a request, get the request by the id that facebook passes to you, and from the data extract the user id of the sender.
As the documentation states, you have 255 characters to use, and with that you can do what ever you want, you can even serialize an object to that parameter and deserialize it later.
As it turns out, this is in fact not possible at all.
The link, as shown in the image below, can present multiple users:
which is why multiple request IDs are passed in, and the sender's ID isn't.
Related
I am developing a program that needs to read a facebook page's posts. I have obtained a permanent page token which I can run through the "debug_token" endpoint in the API explorer and can see I have a page token with no expiry with the "manage_pages" and all the relevant pages permissions:
"data": {
"app_id": "xxxxxxxxxxxxxxxx",
"type": "PAGE",
"application": "Second",
"data_access_expires_at": 1583432075,
"expires_at": 0,
"is_valid": true,
"issued_at": 1575649224,
"profile_id": "yyyyyyyyyyyyyyy",
"scopes": [
"user_events",
"email",
"read_insights",
"manage_pages",
"pages_manage_cta",
"pages_manage_instant_articles",
"pages_show_list",
"publish_pages",
"read_page_mailboxes",
"ads_management",
"ads_read",
"business_management",
"pages_messaging",
"pages_messaging_phone_number",
"pages_messaging_subscriptions",
"publish_to_groups",
"groups_access_member_info",
"public_profile"
],
...
Using this same token I query the /{page_id}/feed and I get a response with no "from" field:
"data": [
{
"id": "xxxxxxxxxxxxxxx_yyyyyyyyyyyyyyy",
"created_time": "2019-12-05T20:24:24+0000",
"message": "Bla bla bla"
},
{
"id": "xxxxxxxxxxxxxxx_yyyyyyyyyyyyyyy",
"created_time": "2019-11-20T18:17:54+0000",
"message": "Bla bla bla"
}
...
Even if I explicitly request "from" in the fields I don't get it back and the API explorer shows the field greyed out on the left hand side with a tooltip saying: "Fields is empty or disallowed by the access token".
Obviously the "from" field is not empty, it is disallowed. I understand that this is protected information in most cases but the "feed" endpoint documentation says
Publicly Identifiable Information - User information will not be in included in responses unless you make the request with a Page access token.
https://developers.facebook.com/docs/graph-api/reference/v5.0/page/feed
So, this request is being done with a page access token, for the page that is the recipient of these posts. I am doing these posts myself with another vanilla account by the way, with no tweaking of permissions or privacy options. It seems legitimate to want the source of the post to know who you are talking to, right?
I've searched and tried other responses but answers are somewhat old and the rules in the facebook API do change often, so this is all fresh (as of Dec 2019).
The last relevant bit I want to add is that this page and app are not associated with a business manager account. From what I read, this should not be necessary for what I am trying to do.
Thank you.
Debug infor on token
Missing from field from feed
Ok, I figured this out myself. Hopefully the answer might help someone else in a similar situation.
The issue was that my app has a "development" status, and rightly so. According to the following security document from FB:
App users can only access the data of users who have a role on the app.
https://developers.facebook.com/docs/apps/security/
This extra layer of protection was keeping my app from even seeing who was directly posting on its associated page.
I gave the posting account a "tester" role on the app and now the response has the from field as expected:
"data": [
{
"id": "xxxxxxxxxxxxxxx_yyyyyyyyyyyyyyy",
"created_time": "2019-12-05T20:24:24+0000",
"from": {
"name": "Poster Name",
"id": "zzzzzzzzzzzzzzz"
},
"message": "Bla bla bla"
},
{
"id": "xxxxxxxxxxxxxxx_yyyyyyyyyyyyyyy",
"created_time": "2019-11-20T18:17:54+0000",
"from": {
"name": "Poster Name",
"id": "zzzzzzzzzzzzzzz"
},
"message": "Bla bla bla"
}
...
I'm implementing a DirectLine client for connecting WhatsApp via Twilio and the BotFramework. I've been able to:
Create conversations
Listen to the conversation's websocket
Send activities to the bot
For the life of me I cannot figure out how I can send an activity to the DirectLine client, so it can forward it to the user. In other words, how can I get some activity to pop-up on the DL client's websocket?
On the bot side, what I'm doing is:
Ask the client to create a conversation in DirectLine between the bot and the user (I'm using phone numbers as recipient/from IDs)
Use the new conversation and its serviceUrl to post an activity from the bot to the user
I've tried a bunch of different auth tokens to do this, the closest I've gotten was using the conversation's DirectLine token as a bearer auth:
POST https://directline.botframework.com/v3/directline/conversations/CONVERSATION_ID/activities
{
"type": "message",
"text": "message",
"from": { "id": "whatsapp:BOT_PHONE_NUMBER" },
"recipient": { "id": "whatsapp:USER_PHONE_NUMBER" }
}
Which results in this activity popping up in the websocket:
{
"channelId": "directline",
"conversation": {"id": "CONVERSATION_ID"},
"from": {"id": "whatsapp:BOT_PHONE_NUMBER"},
"id": "CONVERSATION_ID|0000006",
"recipient": {
"id": "BOT_ID#something",
"name": "Bot"
},
"serviceUrl": "https://directline.botframework.com/",
"text": "pls",
"timestamp": "2019-08-26T23:14:13.3099739Z",
"type": "message"
}
Which is obviously useless because the user's phone number is missing?! Instead the "recipient" was overwritten to the bot's.
My question is: What exactly is the canonical way to achieve this?
I can just bypass the BF altogether, call my client and have it send a message to the user. This means, however, that the implementation for this channel is different from all others. If this is the way to go, what's the point of the websockets then?
We are having an issue with one facebook users account where the privacy field returned for his posts are always blank. I have tried reproducing this with my account or a test account, but in all cases the privacy is filled in. Here is a sample using the graph api tool (some fields removed for brevity):
{
"id": "<deleted_for_privacy>",
"from": {
"name": "Joe Blog",
"id": "<deleted_for_privacy>"
},
"story": "Joe Blog added a new photo.",
"picture": "<deleted_for_privacy>",
"link": "<deleted_for_privacy>",
"icon": "<deleted_for_privacy>",
"privacy": {
"value": ""
},
"type": "photo",
"status_type": "added_photos"
},
According to the documentation for privacy the field this should always contain a value.
My initial thoughts was it was related to the blackberry app being used and the old mobile version setting, but posting from the desktop browser results in the same issue.
So what does a blank setting mean? Is it public, private or a bug?
Not sure this is your case, but if the user is posting to a page, event, group or another users's feed, the privacy field is expected to be empty.
See the first note here (not the official fb doc page, I know):
http://api-portal.anypoint.mulesoft.com/facebook/api/facebook-graph-api/docs/reference/privacy-parameter
This is by design. You require a page access token or admin user
access token to retrieve this field.
Source: https://developers.facebook.com/bugs/300329193480725/?comment_id=345320875630426
I'm writing an app which requires me to determine whether I show the fb "like" button or not. fb profiles don't have "likes" but pages do. any recommendations on how I can programatically differentiate between a fb profile and a fb page? the only input i get from the user is the fb profile/page URL and based on that I need to determine whether its a page or a profile and then display the like button.
thx,
Yes, you can look at the type attribute of the returned JSON. For example, take a look at actual, redacted Graph API responses that I receive for a user and a page:
//This is JSON for a user
//Call to https://graph.facebook.com/123456789
{
"id": "123456789",
"name": "Sean Hill",
"first_name": "Sean",
"last_name": "Hill",
//more attributes
"type": "user" // <--- This one
}
vs
//This is JSON for a page
//Call to https://graph.facebook.com/thesolusean
{
"id": "323796444951",
"name": "Solusean",
"picture": "https://fbcdn-profile-a.akamaihd.net/hprofile-ak-snc4/50290_323796444951_3601170_s.jpg",
"link": "https://www.facebook.com/thesolusean",
"likes": 28,
// more attributes
"type": "page" // <---- This one
}
Without knowing which programming language you're using, this is the best answer I can give.
So far it seems the only quick way to know whether given profile is page or actual user is by looking at category attribute. If this attribute is present then its a page otherwise it could be user. FB reference docs doesn't seem to have any clear guidance (see https://developers.facebook.com/docs/graph-api/reference/profile). In additional most of the APIs that return profile as part of other response only includes partial information of id, name and category:
"from": {
"category": "Magazine",
"name": "Astronomy Magazine",
"id": "108218329601"
},
Note: I'm confused by #Sean Hill's answer. There is no type attribute in profile objects.
I am developing a social media monitoring service. And I'm now trying to fetch the posts and comments from a certain group of users.
However, I found that a lot of empty posts are fetched by Graph API https://graph.facebook.com/somebodysuid/posts?access_token=xxxx . That is, a lot of posts are of the following form:
`{
"id": "somebodysuid_xxxxxxxxxxxx",
"from": {
"name": "XXX YYY AAA",
"id": "somebodysuid"
},
"type": "status",
"created_time": "2011-08-03T05:49:11+0000",
"updated_time": "2011-08-03T05:49:11+0000",
"comments": {
"count": 0
}
},
{
"id": "somebodysuid_yyyyyyyyyyyyyyy",
"from": {
"name": "XXX YYY AAA",
"id": "somebodysuid"
},
"type": "status",
"created_time": "2011-07-24T23:31:35+0000",
"updated_time": "2011-07-24T23:31:35+0000",
"comments": {
"count": 0
}
},
Through these are indeed posts, but they're totally useless. The worst thing is, half of the data I fetched are of this kind....
Can somebody please explain why so many empty posts would the API fetch? Can this be solve by any way?
Those posts are probably updates made through the "new share form" where users can tag places and friends and attach geo-locations without adding any additional message.
Those type of posts are typed as "status" but graph api does not return the other meta-datas yet (location, tags, etc...) that's why you see them empty.
Let's hope FB will fix that quickly :(
I think FB has started to add activity information that appears on a Facebook web page, such as "John Doe is now friends with Tom Jones", or "Fred Smith and 2 others have changed their profile image". This activity information is a) incomplete in the returned feed and b) does odd things when you look for more information by asking the graph API for detail based on the posts id field.
My current guess is that this is new functionality for the feed - I have been unable to find documentation or mention of it. They are very difficult to process at this time, since they look like other things and contain no identifying detail.
Here is the question I posted looking for help. It give another example:
Facebook graph "user/home" feed now contains activities as post items that are difficult to identify