We're developing a Canvas app that will have a tab when implemented on the fan page. The Tab will have the like gate. What we want to do, is restrict access based on location. So, Facebook users outside of the US wouldn't see the tab when the go the fan page.
This blog posts speaks to showing users different content based on location (http://developers.facebook.com/blog/post/394), but i don't want them to see the tab at all.
Any thoughts?
To set demographic restrictions (i.e., location, age, etc.) issue an HTTP POST with an app access token to
https://graph.facebook.com/APP_ID?restrictions={“RESTRICTION_TYPE:VALUE”, …}
ie:
https://graph.facebook.com/APP_ID?restrictions={"location":"US"}
Users who do not pass the restrictions will not see the tab.
More information at: Facebook Developer Blog & Graph API: Application.
When an application is accessed as a Tab on a Page (iFrame) Facebook Passes a signed request (http://developers.facebook.com/docs/authentication/signed_request). You would be able to use that data to get the user's location. However, it might need further authentication to get that information.
Please refer to this question for a hack to find the user location through their IP:
Getting user location on Facebook page tab
Anyway, as far as I know, you cannot remove the application all together, you have to show up 'some content' for the users who load the tab. I suggest that if you want to restrict page content to use the country restriction for the entire page. However, it might be impractical for your use case.
Related
I want to make an events calendar using Facebook API. I have an array with page URLs I want to scan and take its events. The problem is, I am using an App Access Token and I can't obtain events from pages with restricted age (alcohol pages etc.). Is there any way I can obtain those events?
There is no way to access restricted Pages with an App Token. You have to use a User Token of a User who can access the Page, or a Page Token of that Page. There is no other way, or the restriction would be pointless.
Go to the advanced settings of your applications page on developers.facebook.com. e.g. for me it would be https://developers.facebook.com/apps//settings/advanced/. And set app restrictions for 'references alchohol' to yes, similar for age.
Screenshot of setting attached
We have created a Facebook application that is restricted to US only, using the Graph API location restriction method (https://developers.facebook.com/blog/post/574/).
This application has then been added to a Facebook page. However, it appears that admins of the page are still able to see the application, regardless of their location.
So our question is: would it be possible to disallow access to admins of the page if they are outside of the US?
Just to make sure, is it admins, or just because you are the owner of the app.
I have no experience with the restriction functionality but if the above still proves that page admins can view it, then it looks like page admin's can still view it. But there are some other steps you can apply considering people can easily fake location on Facebook anyway.
IP Location
Download GeoIP (free IP address database) and you can lock people out of your app that way as well.
Graph API
Connect to the graph API with their user Id, manually get their location and block based on that.
Or you can use a combination of all of the above.
This is completely intentional - page admins will always see the tabs on their page - there's no way to hide content on a page from the admins of that page.
Broadly, there should be no way to hide content from users who are responsible for that content
In my web site, I want to ask the users for permission to manage their pages.
I saw in the documentation that I need to use the following:
https://www.facebook.com/dialog/oauth?client_id=MY_ID&redirect_uri=MY_URL&scope=manage_pages&response_type=token
However, I retrieve back a list of pages which are manages by the user.
Is there a way that inside the auth dialog the user will see list of pages managed by him so he could confirm only those that he allows?
I also don't know what are the pages id, and prefer not to call a method where I need to specify the page id, but to get a token and page id from what he has already selected.
In the old authorization dialogs there was a drop-down so the user can specify which pages they want to allow. However, that is now deprecated and the new dialog grants every page as you have found out. Basically, your app can show the user which pages they currently have under their management (display list from data return for HTTP Get /me/accounts) and let them choose.
I wanted to build a fan page tab that would pull that page's photo albums. At first I thought I would need to build app with extended permissions to ask for "manage_pages" and "offline_access" so that the app can use my access as page owner to access page data.
However, random users that go to the tab will now be asked for permissions also, which I don't want.
What's best way to build a tab that can access fan page data via the api?
If you don't have any fancy privacy settings for your page, you can just use the Graph API to pull all albums from the page - means creating a tab and link to a php file on your server where you do just this. Downside of this is that it's quite slow, but I can't tell whether the javascript sdk would be any faster (don't think so)
If you need some help pulling and printing them out, leave a comment!
I can't seem to find exactly what I'm looking for. We're trying to build an app to run solely on a Facebook Page. We want to show a landing page if they don't Like the page, and the contest entry form if they do. This functionality works.
Before showing the contest entry form, we'd like to authenticate the user viewing the app so that they can just hit "Enter the contest!" and we can automatically pull a name/email address.
Any of the methods of authentication I've seen described, including through the Facebook Developer docs, don't work at all.
I saw something that said they need to interact with the app first, then you can get the id, but that doesn't work either. I also don't get the page id passed with the signed request.
Its also pretty unclear whether I should be using an iframe or just FBML.
Could anyone point me in the right direction, please? Thanks!
You need to create a fan page and add the FBML plugin to that page, then you will need to insert a short code that will determine if a facebook user has clicked 'Like' or not and by determining that you will decide weather to display the content of the landing page or not (using an iframe). You will probably like to also set the FBML box that you create as the default view for members who didn't press the 'Like' button yet, you can change the default view in your fan page settings.
On the iframe, you will need to use the Facebook API if you want to retrieve any user information from Facebook, for that, you will need to register a new application with Facebook. Go to developers.facebook.com for the API integration and app registration.
Also, what do you mean when you say:
Any of the methods of authentication
I've seen described, including through
the Facebook Developer docs, don't
work at all.
Well, it appears you can't do it that way. The client was very specific in wanting that functionality but we ended up convincing them to go for a redirect to the canvas page to have the app authorized and the contest entered instead.