My app stores the Facebook Access Token for offline use. The main purpose of the app is to allow users to automatically posts on the walls of people within a specified number of days of their friends birthday.
My app has been blocked by Facebook due to spam (some users are sending marketing messages to their friends instead of using the app for it's purpose).
I want to find out who those users are and block their access to my application. The only problem is that my Facebook App has a few hundred access tokens (one for each user of my application). The insights dashboard does not provide me with stats per access token. I need to find out which of my users are getting their wall posts reported as spam.
Is there any way of doing this?
After appealing, Facebook has unblocked my application but I don't want it to happen again. As far as I can tell, I can find out the number of people who have reported the wall posts as spam...but I don't know which access token made those posts...and hence don't know which of my users is posting spam messages.
It's not Facebook job to keep track of your application internal activities. You should be logging every activity, at least posts ids returned when someone posts anything on their friends' wall.
And one more time... you DON'T need the offline_access permission to publish something when the user is offline!
Related
I've got a website I'm doing around a bunch of athletes.
All of these athletes have a Facebook account.
The client wants to show each of these athletes Facebook timelines on their individual profile pages using only their Facebook profile handle that they will provide.
I'm very unfamiliar with the Facebook API but am 99% sure this isn't possible as each of the athletes would have to go to the Facebook developers portal and set up an app right?
Is there any way to achieve this at all?
Nop, you're wrong. Your athletes don't have to setup an app. But, on the other hand, you or the developer responsible for that project, must setup an app at the Facebook developers website.
I'm not going to explain all the process, since the Facebook docs are quite easy to understand.
https://developers.facebook.com/docs/
After you setup your facebook app and integrate it with your website, it's time to start asking the athletes authorization you have plenty of ways to do that, you can either use Facebook Login, Dialogs or evenManually Build a Login Flow.
Keep in mind that you have different permissions, here's a full list of the permissions and a small description explaining what's their purpose.
Each athlete would have to grant permissions to your app, then after they do that, you will get an Access Token and the Facebook User ID, usually the Access Token has a short period of life (aprox. 2 hours), but you can trade this Access Token for a long one with a life time of aprox. 60 days. You can read more about Access Tokens here
After your athletes grant permissions to your app, you can access to their timelines. Keep in mind that it won't be exactly as their timeline on Facebook. To grab user info you can either use Graph API nodes, or if need a more complex and detailed info you can query it using FQL
I need to constantly poll for all posts that a group have people have posted mentioning a specific Facebook page. I have a user which has admin privileges to that page but is currently not friends with the group of people I need to poll. I need to do this as authenticating through my Facebook app without having people constantly enter their password. My understanding is that there is no way to do this without becoming friends with the entire group of people. Is that true?
Is it even possible to do this with becoming friends with the entire group of people (assuming that the group let's my user see their posts)? Will the group need to authenticate to my app at any point? What permissions does my app need?
I wish to create an application which me and my friends would subscribe to and which in turn can monitor a count of items in the news feed using the required permissions (kind of a social network statistics).
I read the developer documentation, but I couldn't find out if it's possible. Subscribing to my application (and allowing the permissions) is a one-time process for my friends. From then on, can my application read the fields mentioned in Graph API for the subscribed users at any time (without the user's involvement)?
You might be interested in using the Real-Time Updates API from Facebook. Using this, you will no longer have to continuously "poll" the Graph API. Rather, Facebook will send the updates to your server.
Here are some sample implementations of the API, https://github.com/facebook/real-time/tree/master/samples.
No.
Facebook used to have the "offline_access" permission which would let applications have an access token that does not expire.
Not a while ago though Facebook deprecated this permission as stated in Removal of offline_access permission.
The longest (that I'm aware of) that a token is valid for is 60 days. If you want to extend that time frame you'll have to get the user to interact with your application.
We have created an invite function at our site in JavaScript using the Graph API where users can invite their Facebook friends to our site. The users invited then get an invite post at their wall on Facebook.
This has been workling fine until suddenly one day the messages did not show up on the invited users wall. We even still get post sucess messages from Facebook and a Post ID.
Also, we nocticed that old invite posts were removed as well from the Faceook walls. However, other functions with the same app ID still work.
When we created a new Facebook app with a new Facebook app ID the invite functions work like normal again.
As far as we know we arent breaching any rules or regulations, and we havent been notified by Facebook (although we are quite active with FB ads).
Is there some risk Facebook have blocked our app without telling us? Can they block our domain if we continue? Are there any general rules when it comes to invite? Any tips?
Facebook has many anti-spam policies and procedures in place. If a high enough percentage of users delete the post that gets added to their wall or mark it as spam or choose to hide all posts from your application, the application will get removed and the posts removed as you have experienced. They may or may not email you to warn you.
Facebook has a high level guide to follow:
Create a great user experience
Build social and engaging applications
Give users choice and control
Help users share expressive and relevant content
Be trustworthy
Respect privacy
Don't mislead, confuse, defraud, or
surprise users
Don't spam - encourage authentic
communications
I am guessing they are flagging your account for not helping users share expressive and relevant content (I am guessing they don't get to type the message that gets shared on friends wall), as well as obviously for spam.
If you want to invite users, I would suggest using the supported method for this, the Facebook requests dialog, and move away from posting (spamming) other friends walls, as they most likely can ban your whole website or account if you keep doing what you are doing.
I have a question regarding the Facebook API and would like to gain some insight into nuts and bolts of the Facebook API.
I'm planning to write an App in PHP. This would be a birthday alert app. A user would visit our website, login wih their Facebook Account and done - We send them alerts as and when their friends have birthdays.
How can this app work in the background? because connections for a user keeps on changing. We cannot store all the data in a database because of two things:
1) Constantly evolving connections
2) Violates Facebook Terms.
We need to be able to store only the UID's of the users and then use that UID to somehow fetch a users connections and their corresponding date of birth on a daily basis.
Please let me know if this can be done or not, Because what i've learnt so far of the Facebook API, we'll need an Access Token to access a users personal information. And this Access Token is persistent only for the time until he/she is logged in.
I'm sure there might be some other way to achieve this that i might have overlooked.
I would highly appreciate if any of you could guide me in the right direction.
You would need to request offline_access extended permission to be able to retreive user data anytime. In order to get friends birthday there is friends_birthday permission. More about permissions here.