Getting an APP_SECRET for a page, not an app? - facebook

Right now I am doing an http post request to post from a coldfusion file straight to my Facebook page. Right now, it is fully functional with the normal ACCESS_TOKEN for the page. My problem is, that to extend the life of the ACCESS_TOKEN, I need an APP_SECRET, which I don't know how to get for a page. Any tips? I really hope it's possible.

Any tips?
Tip 1: There is no such thing as an app secret for a page.
Tip 2: App secrets are for apps.
What type of access token is "normal"? How did you get it?
Read the "Page login" part of http://developers.facebook.com/docs/authentication/ for more information on how to correctly get a PAGE access token.

If you want to GET/POST/DELETE things via pages, you need a admin user's access token and the manage pages permissions, and then get an access token for each of the pages you want to 'manage' through the application, which it seems you must have previously done, to have access in the first place.
As far as I know, getting that page information again, would refresh a page access token, as long as your user access token was still up to date. I'd suggest re-using the code you have for the original call to get the page data/access tokens.

Related

Using App ID & Secret as access token to list a Facebook page's tabs returns empty list

I'm looking for a way to be able to manage our page's Facebook tabs automatically, without needing an admin to log in. I tried using using the related app's ID and secret as suggested in this SO answer (FB docs) and that gets me access to the page and it seems all of the data on the page except tabs. When I try to access /{page-id}/tabs I get { data: [] } as the response. Page API endpoints I have tried work fine.
I have also tried /{pageId}?fields=access_token as suggested in this SO answer and it just retuned the app ID, the access token field completely absent. I tried that again using a user access token and it returned a token, but the Access Token Debugger said the token expires in one hour.
I'm trying to automate the removal and reordering of tabs, but if the user needs to log in an hour before this happens it defeats the purpose. Is there any way I can get a permanent access token for a page that will return tabs? Is there any way to accomplish this with the app id/secret access token method?
It looks like there is no way to get an access token for a page with only an App ID and secret. You have to have a user with access log in and give you their access token. However, with CBroe's helpful links I was able to get a never expiring page access token. You can see the steps I took in this answer to almost the same question.

Facebook Application Token

I create a demo application to request photos from facebook. I created an application token like this : 549933848476397|4a584ce5fda19cba2ed6630ed78ba8f4. But when use this request URL https://graph.facebook.com/1417833425116725/photos?access_token={app_id}|{app_secret}. It's does not work. Please help me. Actually When I use user token for this request, It's work ok.
If the Page is restricted somehow (age, location), you can only use a User or Page Access Token to get data like photos of the Page. The App Access Token got no relation to any User, so Facebook canĀ“t detect if the User is even allowed to see the Page.
I am 100% sure the Page is restricted btw, you get an "Unsupported get request" error when trying to access the Page ID directly with the Graph API, and that usually happens when the Page is restricted.
Just try another Page with that exact same App Access Token, for example:
/bladauhu/photos
...works without any problem. Another sign that your Page is indeed restricted.
TL;DR: For this specific Page, you MUST use a User Token or Page Token.

What is the proper way of accessing a public post from a facebook page

I have a CMS application which needs a little component that allows an editor to select a facebook page post to display.
I've been going around facebook API and I don't fully understand what is the proper way of doing it.
This would be a server call, I would prefer not to have an access token because I am not making the request on behalf of any user.
I've tried using access_token=app_id|app_secret, but apparently that request requires an user session. So I went to the graph explorer and copied my access token. That worked fine initially but then I learned that they expire. I could get a long live token, but apparently those also expire eventually.
So, what is the best way of doing this? I think that using someones facebook access token for this is risky. The token could be revoked at any point breaking the feature in production. Can I achieve this without an user access_token? if I cant, how is this token normally managed?
Update:
Well actually the app_id|app_secret works, just not in every case. I created several pages for testing purposes and it doesnt work in any of them. Then I tried accessing a post from some brand pages (unrelated to my project) and they work ok. So my problem is configuring the page.
When I tried to access the post using app_id|app_secret I get:
(#100) Requires user session
Posts are public in all cases
I already tried to assign a vanity url to the page, no change
I think it's not possible to use just an App Access Token to get the Page Posts. Unfortunately the docs are not very clear on this IMHO:
https://developers.facebook.com/docs/graph-api/reference/v2.2/page/feed/#readperms
An access token is required to view publicly shared posts.
A user access token is required to retrieve posts visible to that person.
A page access token is required to retrieve any other posts.

Facebook long-lived accesstoken for a page

I'm using a facebook extension in TYPO3 to pull out the facebook posts of a page. Therefor I need the accesstoken.
I googled around and found that I need a facebook app and I need to be administrator of the page.
Then I heard that I need to connet the app with the site, but how can I do this?
I also tried to get accesstoken:
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=client_credentials
And then performing:
https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token& client_id={app-id}&client_secret={app-secret}&fb_exchange_token={short-lived-token}
... with this token but it says No user access token specified
Can someone help me step by step how to get the long lived token?
As you just want to pull, you really don't need a page access token. Until and unless you have a demographic or other restriction over your page. All the pages are Public and data over them can be easily accessed by using the App Access Token which is simply put
Your_App_ID|Your_App_Secret
first u need to get an API key from facebook, so here are the steps--->
http://www.shoutmeloud.com/how-to-acquire-your-facebook-api-key.html
& then u can access facebook API, these are docs provided by the facebook to use that API--->
https://developers.facebook.com/docs/guides/web/
This was my implementation (PHP):
$newposts = json_decode(file_get_contents("https://graph.facebook.com/YOURFBPAGE/feed&access_token=YOURAPPID|YOURAPPSECRET"));
Since I was only using this to make simple pull request of my feed posts this is the best way to do it. You don't have to deal with expiring access tokens. Just create your facebook App and get the ID and secret.

Can a page on a website get a facebook access token?

I'm fairly new to facebook development and I still get confused about the oAuth thing.
A client of mine asked me to show the latest posts, links and statuses of his facebook page to his website.
On the a php page on his website I'm creating a url
"https://graph.facebook.com/".$clientFacebookPage."/posts?limit=1&access_token= xxx
In order to json decode it and display the info I want, but I don't know how to get an access token. I generated an access token with the graph explorer that is tied to my name as a facebook developer but that expires in 2 hours.
There are many thing that confuse me already and I hope you can point me towards a solution
I've read the documentation but everything revolves around users getting logged on your app and you app posting. So my questions are:
Do I need to create an app to do a curl (requiring special permissions) using the http://graph.facebook/xxxx url?
If so, does the adming of the facebook page need to authorize with the app?
What do I need to do next? I can create a web page using the app id and secret. Does that mean that I can retrieve the info of the facebook page? How?
I know that the page needs an auth token to curl the http://graph.facebook/xxxx page and retrieve the data needed. Where can I generate it? Does the webpage need to generate it, or do I have (as the app developer) acquire the token and write it to my php code?
If I log out of the facebook, will the program/webpage stop functioning?
I hope I didn't confuse you.
Thank you.
The basic process for obtaining an access token for a Page is as follows:
1. Get a user access token for a User who is an admin of the Page
2. Using this User token, request graph.facebook.com/me/accounts and look for the correct Page ID in the list returned.
3. Grab the associated Page token from that ID
4. Use it to do Page stuff.
There is a newly launched Facebook docs guide which shows you how to obtain one of these access tokens in a step-by-step fashion:
https://developers.facebook.com/docs/howtos/login/login-as-page/
Hopefully that guide should help you.
I will also answer your questions in order:
Yes, you will need an app in order to generate access tokens to make API queries
Yes
This is in the guide linked above (start at the Getting Started if you need to create a way to get a User Access Token also)
Again, see the guide above
Yes, but you should follow the steps in this guide to generate a long-lived access token. Once you do that, any Page token you retrieve will last forever.