Dynamically generate access_token to fetch page or group post - facebook

I am creating a magazine in my site thatI needed to get the post of users from their groups and page. The API for it requires the access token to get the required data.
I need to generate the access token for the user which required APP key and secret.
But what if the user has not created any APP and they just want to get the post from their page or group, as most of the normal users do not create any APP.
So is their any way I can fetch their group or page post easily or can get the access token for the user.

You need to create the app for your site. This way, you have the required key and secret to generate an access token, and you can fetch content for your users. No need for your users to create an app :-)

Related

How does facebook token works?

I want to write a process which downloads data about my ads.
Basically this is the code:
https://github.com/airflow-plugins/facebook_ads_plugin/blob/master/hooks/facebook_ads_hook.py
It construct a URI as:
https://graph.facebook.com/v{api_version}/act_{account_id}/insights?{payload}
Where payload contains the access_token, breakdowns, fields etc..
Now, I passed over the facebook dev guide https://developers.facebook.com/docs/graph-api/using-graph-api/ and it doesn't explain how do I get the account_id and the token.
It always leads to a user account that needs to log-in to facebook and then process the request.
I want to build a process that doesn't involve user action. Just download logs about my ads.
How can I do that? Where can I get the account_id and the token.
In other systems like google and other they create a json file with credentials that is used for the outh. there doesn't seem to be equivalent with facebook.
For this type of use case, I would create a System User that is permissioned on all your ad accounts, following this guide. That will allow you to generate a token that can used without user login. (You can do the same for your personal facebook account, but that requires you to pass app verification. This can be done without that.)
Then to get the account ids of all the accounts the system user is permissioned on, query the "me/adaccounts" endpoint, using the access token generated for the system user. The docs for that are here. You can use that to get a list of all the account ids.
Alternatively, if you only need one account id, you can get that straight from the facebook ads manager.

Using Graph API without depending on one User

We are using Graph API for accessing public feed from our own Facebook Page.
What is the best way to obtain Access Token, so the requests are not dependant on one person's (my) User Access Token?
So after I leave the project, someone else can use the same token, without it being associated with me, but with the Page or a company instead?
Page Tokens are always tied to a specific user, because you need a User Token to generate a Page Token. For a non-restricted Page, you can just use an App Access Token though. It has no relation to any user.
More information about Tokens and how to generate them:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/

how do I use new App ID & secret ID without affect the existing access token

First, I have use Facebook App ID & Secret ID, then Login with Facebook and get Access token,
I have changed the my Facebook App ID & Secret ID, but, affect the existing user Access token.
How do I get new Application Access token without Login with Facebook?
Changing your App ID effectively means you've created a new application. Since the access_token is tried to a particular App ID and Secret combination, you cannot transfer existing users over to the new App ID. Furthermore, Facebook Platform Policies does not allow sharing of user information between different application - you'll just have to get users to login into the new application.

When publishing to a user's Timeline (using open graph), can I use the application's access token?

So, Facebook has 2 types of access tokens: Application and User access token.
Is it possible to use the Application access token for open graph?
Facebook has more than two types of access tokens, there are at least 3 since you forgot to mention the Page Access Token.
According to the App Access Token documentation:
Authenticating as an Application allows your application to obtain an
App Access Token. This is useful to make requests to the Graph API to
modify the parameters of your app, create and manage test users, or
read your application's insights for example.
As you can see, it depends what it is you want to ask the fb graph.
If you want for example to get the feed of a public page then an app token will suffice, on the other hand if you want to get the feed of a user then you'll have to use a user token.
When you browser through the Graph API documentation, for every object you get a list of fields and connections, and the 3rd column of the tables is titled as Permissions, in that cell you'll have info of what access token is needed if any.
I.e., if you check out the User object you can see:
id: No access_token required
updated_time: Requires access_token
installed: Requires app access_token
Hope this clarifies things for you.

Access "Public" Graph API resources from an app?

I am creating a web application that is trying to use "public" Facebook content.
It is not your traditional "Facebook Application" because I'm not actually signing up Facebook users to use it, but the users will be all server-side.
I've come to a point in which I am having to use an "access_token" for certain "public" pieces of content and I have been able to generate a app access_token but this does not work for the public data I'm interested in accessing.
access_token's created via
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=client_credentials
do not work for
https://graph.facebook.com/chickfila/notes?access_token=CODE_FROM_ABOVE
which is publicly accessable w/o login here...
http://www.facebook.com/ChickfilA?sk=notes
Any way to give an app itself a user-level access_token?
I had a very similar problem with publicly available event data. What I had to do was to create an offline access token for the admin of the application.
So, log in with your admin and open the following URL (replace APP ID with your ID and eventually you need more permissions, but read_stream and offline_access should do the trick):
https://graph.facebook.com/oauth/authorize?client_id=APPID&scope=offline_access,read_stream&redirect_uri=http://www.facebook.com/connect/login_success.html
This will give you a code, that you will paste in the following URL (with your APP ID and SECRET):
https://graph.facebook.com/oauth/access_token?client_id=APPID&redirect_uri=http://www.facebook.com/connect/login_success.html&client_secret=SECRET&code=CODE
This will give you an access token that should work forever (or until you change your password).
Recently I used the access token freely available from the Facebook Graph Explorer which will let you browse different graph resources and will let you specify what permissions you need. For this you can tell it you want offline_access and that token can be used to pull this information whenever it is needed without worrying about your token expiring.
Create an user just for your app and let the user authorize your app and get the access token and use it for this kind of data fetching. Some manual work but as long as you have some user authorized access token you should be able get the public contents.