facebook: how to grant a website permanent access to your wall? - facebook

I am creating a website and I would like it to display the posts present on the wall of my own Facebook profile page. These posts must be visible to any user visiting my site.
Having read various articles online regarding the topic of the Facebook api, I had thought I had found the correct solution. The following steps are what I have done thus far:
Signed in as a developer on Facebook (I am only allowed a max of 2 URLs in the post hence I have ommitted the URL)
Set up a new app which gave me an App ID and an App Secret.
Generated my access token at the following URL:
https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&scope=offline_access&client_id=APP_ID&client_secret=APP_SECRET
Where APP_ID and APP_SECRET are the App ID and App Secret from step 2. I also added the 'scope' parameter and set it to 'offline_access' as I believe this is what would allow my website to access my Facebook wall information without needing me to be currently logged into Facebook.
When I access my test page at [http://pauldailly.javaprovider.net/danceclass][1] (I set this URL to be my 'site URL' when creating my app in step 2. Similarly, I set my 'Site Domain' to be the same as my site URL, without the '/danceclass'). I get the information message 'Paul Dailly has not shared any information' and it displays my Facebook profile image. I should point out that this test page is using the Facebook Wall jQuery plugin to make the call to facebook. I have supplied the plugin my facebook page's profile ID and the access token that I generated above.
My question is, do I need to take some extra step in order to allow my site to now access specific pieces of data from my Facebook account, such as my wall posts, now that I appear to have a valid access token?

First, a access token can expire in many ways,
1. Time.
2. When you log out.
3. When you change permission etc.
Second, yes you need different permissions from the user (even if the user is app admin) to retrieve different bit of information from his Facebook profile.
And also, make sure you construct meta tag currectly in your website, like putting og:admins, og:app_id etc. You have to supply the app_id when initiating the facebook (php/js)-sdk in your website too.

Related

Auto Posting to Multiple Facebook Pages using Graph API - Auth Issues

I am pulling my hair out trying to understand what Facebook wants me to do to post to a FaceBook Page as a System User that has Admin and Page Privileges to and Owned by our business (We have Facebook Business Manager).
In a nut shell all I want to do is make this call:
https://graph.facebook.com/v2.5/${MyPageID}/feed
What I don't get is the access_token part.
I can generate access tokes for Apps, for Pages but all result in 403 returned from FaceBook. I have gone as far and checking every box available on the generate access token popup on the graph api and still I get 403 "Forbidden" so I am detailing the little I understand of the insanity that is FaceBook Auth in the hope that someone can explain where I am going wrong.
1) To Post as a System User to a Page I have to Create a FB App (I Would prefer just to post direct to the pages and skip the App part, My System User has Admin Access on All pages)
2) To Access the App I need an App Token.
3) To Create an App token I need a User Token.
4) To Create a user token I need to log in to Facebook and have all sorts of permissions on the App. (I can't log in as the System User! FB asks me to login as myself. I am not sure if this breaks the Auth Token generated?)
5) Then there are all sorts of swapping tokens to get a Permanent App token, Another point of potential failure!
6) IF the stars and moon align and you stand on your head the permanent App key can be passed to the above call as the access_token
I don't understand how to link the Pages I want to post to with the App created. Do I have to have 1 App for Each Page?
I have got one page to work, We initially used that App to Auth against the Instant Article Graph API:
https://graph.facebook.com/v2.5/${MyPageID}/instant_articles
I could not use the above token for the /feed url, I had to generate a new token with extra publish permissions and the page published with no problems, however when I change the ${MyPageID} to another page using the same access_token I get the 403.
I tried Creating a new App, I have no clue how they link to a specific page So the App to me seems sort of redundant.
Any help with what I am doing wrong or how I can go about simply posting to various FB Pages with a System User using the /feed api ?
The calls are made form a Spring Boot Java APP using HTTP Posts.
How to get a System User Auth and Page Auth:
1) Generate a User Token for an App (Button above the System User):
https://business.facebook.com/settings/system-users/${System User ID}?business_id=${your_business_manager_id}
System user has Page Admin on each page you need to post to.
App is just an FB app, not sure what it does other that it is a grouping I generate a token against.
I chose: (manage_pages, publish_pages, publish_actions, pages_manage_instant_articles, pages_show_list)
2) Check your access token:
https://developers.facebook.com/tools/debug/accesstoken/?access_token=${The access token you got from the step above}&version=v2.12
This will provide you with the App ID the Token is for and how long it lasts (we need a Permanent token)
3) Using Graph API Explorer gets the Accounts this token has access to:
https://developers.facebook.com/tools/explorer/${Your FB APP ID}/?method=GET&path=me%2Faccounts&version=v2.12
4) Using the output above find Page Auth for each page you wan to publish to
5) Post to each page in turn:
https://graph.facebook.com/v2.5/${MyPageID}/feed

Automatic post to my facebook page from Node.js server

I have a Node.js server running a social network site and I also have a facebook page for that site. For certain actions performed by users on my site, I want to post details on the facebook page of my app.
I referred to Thuzi facebook node sdk here on how to post to facebook wall. However, it requires app id, app secret and a temporary access token. App id and app secret are constant so I can put them somewhere in my config file and use from there. But how do I get the access token without any interaction from front-end ? All posts will be published by our app only and that too on our own page. I just want this to be triggered by the end user's actions. Any help ?
I am using Sails.js framework btw.
You would need to use an Extended Page Token for that, you only need to create it once and it will stay valid forever. And you will post "as Page" with a Page Token. How to get an Extended Page Token:
Create an App
Use the Graph API Explorer to generate a User Access Token (by authorizing the App with the manage_pages and publish_actions permission)
Extend the User Access Token (valid for 60 days)
Request an Extended Page Token by calling /me/accounts
Store that Extended Page Token on your server and use it for posting on the Page wall.
Here are some additional resources, explaining everything in detail:
https://developers.facebook.com/docs/facebook-login/access-tokens/
https://developers.facebook.com/docs/graph-api/reference/v2.1/page/feed
http://www.devils-heaven.com/facebook-access-tokens/
http://www.devils-heaven.com/extended-page-access-tokens-curl/
I am also digging more in to this nowdays As I am working on a node module for this.
Till now I got to know that we can create a temporary access_token and we can than extend that token upto max 60 days.
For this after getting temporary token you need to make a call to this url to get a access token with 60 days validity.
https://graph.facebook.com/oauth/access_token?client_id=&client_secret=&grant_type=fb_exchange_token&fb_exchange_token=

Do i need the Facebook PHP SDK for Page Tab Apps?

I'm developing a Facebook Page Tab App. The files are located on my own server and i've created a Facebook App.
Now i'm trying to access the user's first name and i found different ways to get user informations, e.g. the $signedrequest (for the user ID) or the Facebook PHP SDK.
So do i need the SDK, e.g. for Graph API calls, or are there other ways to get informations from Facebook in my Page Tab App?
Using the SDK i get a lot of errors like An active access token must be used to query information about the current user., even if the user is already logged in.
If the user have not signed in to your app you will not get the user name or user id from the singend request parameter. It will give you information if the user likes the page, is admin of the page and additional app_data.
Using the php-sdk you can use the getLoginUrl() method, https://developers.facebook.com/docs/reference/php/facebook-getLoginUrl/, to get the access token needed to fetch user name, user id etc.

Facebook Graph Api access Alcohol Related Page

I am looking for a solution to fetch the feeds of an alcohol-related/age-restricted Facebook Brand Page by a website or back-end service to show these infos in that website for any user.
i.e: https://graph.facebook.com/JimBeam
The standard call results with an error or false.
I know the reason is the age-restictrion because of the relation to alcohol.
If I am connected to Facebook and add an access_token (user-token or page-token) to the request, I get everything I need, but it doesn't work if I am not connected.
If I request the page-token with offline_access, it also does not work when I am not connected to Facebook.
I am a bit confused with all this token types, offline_access, permissions and so on.
Is possible to get the fb-graph-feed of an age-restricted page and load that into a website?
To get an age-restricted feed you need to have a user access token that meets the criteria for the page. So if a user is visiting your site, they will need to authenticate your app, and then you can use the resulting access token to pull information to your website from that restricted page.
You should not be using a user's access token to display content to another user who does not meet the restrictions on the Facebook page.
An added problem is that Facebook does not expose a page's restrictions via the API, so you can't tell if a user has permission to see the page until your API request returns no data.

how to make "uploaded via" link at the bottom of the post to link to user's website?

what I need: upload photos to user's fan page as a page, using an app for that
what I have: my website which does uploading, and a user, who created fan page and application, and that app's id and secret
what I do:
call FB.init() with that appId
call FB.login() with manage_pages,publish_stream permissions - this prompts FB login popup where user is asked to login and then to authenticate the app. As the result I get app access token.
Send request to https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=TOKEN_FROM_ABOVE to get extended app token valid for 2 months (and therefore page tokens will be extended as well as described here)
Send request to https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE to get a list of pages user manages, and let user to choose the page he wants to publish to.
That gives me PAGE access token I can use to publish photos to user's FAN page using /albumId/photos/ API call.
what is the problem:
the "via" link in the photo redirects user to MY website (where user has authenticated his app to upload to his page):
that is because I had to ask user to enter my website's URL in app settings, otherwise Facebook login dialog will complain:
SO MY QUESTIONS ARE:
Am I doing this right? am I missing something probably?
If I am - then how can I get that "via" link to link to user's website?
Thank you.
how can I get that "via" link to link to user's website?
Not at all, because this always links to the app that was used making a post/upload.
What you could try though is having your website redirect when a user is coming to your site from Facebook. Which post/feed story the user is coming from should be passed to your site as parameters; then you’d only have to figure out which user made that post (look it up in your database), and redirect to their homepage.
I ended up adding client's website URL as a query string parameter into "Site URL" field in the application settings - and then I need to modify my site's backend to do redirects:
http://mysite.com/?redirect=http://client-site.com