I was wondering if it was possible to show the user a page of my application before they approved the app. Something like a splash screen that wouldn't need to use any of the user's data.
This is an example: https://apps.facebook.com/288033751224625/
Yes, it's totally up to you at what point you ask for permissions from the user. You are not limited to a single "splash" screen either. In theory you could have an entire app that never asked for any persmissions. In general, you should let users look around the app and only ask for permissions when you need specific data about them.
Related
I want to create an app that simply allows a user to log in, touch a like button, and then the app logs them out. I am wondering if this type of app would be allowed by Facebook, since the main functionality is all Facebook related. The app would be used by business to help them increase their Facebook page following. Is this allowed?
Yes, you are. Pratically every like button you see in blog posts and product pages in online stores works like that (except for the logout).
After a Facebook user authorizes the app, the user has to be verified manually by a live person which needs to see details of his profile, including his pictures etc.
What would be the correct way to implement this?
Should the app download all necessary data from the user's profile after the user authorizes the app? Seems a lot of wasted effort if there is an easier way.
I have already posted this question to http://webapps.stackexchange.com here.
You can't see a whole lot of details on ones profile without that user having authorized your app. You can however see the ProfilPicture, so if that is most important it would be possible.
And since (I presume) a user starts on your own page/site you could add a check in there so that someone can click an 'accept-button' on your side...
But what I really wonder is, why not just make sure the people you don't want to be authorized with you app don't know where to reach the app??
Think that's way easier to sort out a bunch of people...
I have a basic question about a facebook app I am building. In the first phase, we are building the app so that it doesn't collect any user information, thus keeping the user from having to click the "allow" button to use the app. However, we are considering adding features to the app later on that would require user information. I am just curious if it is a good idea to build it like this, or if we should just collect user information from the start. Would users think it is strange for an app to start collecting data after the app is already live? Any advice is appreciated. Thanks!
No it's not a bad idea. Actually Facebook recommends only asking for a permission when needed:
As a best practice, you should only request extended permissions at
reasonable times when the user engages with features that would
require their use. For example, if you are asking the user for the
publish_stream permission in order to create a custom share UI, the
user will better understand the context behind your request if
presented with the permission while interacting with the app's share
functionality.
Please DO visit the document I linked to.
Whenever I first click on a Facebook app it puts up a screen asking for permissions. Does the API enforce this, or is it possible to display a screen using either fake or the user's publicly accessible data?
You do not have to ask for any permissions right away. Your app can have the equivalent of a "guest" mode, similar to how many websites work until the user has logged in. I'm not sure why more apps don't operate like that, as a user I'm always a bit put off when something asks for permission before I've even seen the first page of it.
I know about test accounts, but during beta I'd like to allow access only to my friends, and then later friends-of-friends, and then only eventually Kevin Bacon and his friends.
That would probably suck, wouldn't it? The app would be listed (is there a way to prevent listing?) and someone I don't know might try it and get a "sorry, this is in development message." I imagine they'd be irritated and not come back.
From what I've read, only a few apps take off, but when they take off, they REALLY take off. Do developers just release these things fully baked?
Anyone start out with OpenSocial or other smaller-than-Facebook networks?
Any ideas for a soft, gradual, restricted roll-out?
Once you've set up your application, there is a setting in the Developer application control panel for your app: Your app -> Advanced -> Sandbox Mode.
Sandbox mode lets you restrict access to only those people listed as developers (under the Basic section).
In terms of expanding the app, Facebook doesn't provide much more flexibility that the Sandbox mode. Unfortunately, adding everyone as Developers of the app doesn't work very well for a beta, as people can access the application control panel once they are a developer. I ended up putting a whitelist of Facebook Ids into the front controller of my application for a previous beta, and it worked fairly well.
The apps are only listed in the App Directory if you submit them and they are accepted. There's no issue about preventing listing, it's something you have to apply for.
As for restricting users, you can accomplish it with a script in the application that checks whether the currently logged-in user is within your restricted user set. For example, if you only want friends of yourself, check whether the current user is friends with your user id. If not, simply display an error/message page or redirect them to the Facebook home page (or wherever). Add this check to the rest of the start-up logic run each page (such as connecting to your DB and authenticating with Facebook).
What I have done in some cases is keep a database table with the user id's of users who are allowed access, essentially a "whitelist". If the user isn't in the table, redirect them.