How to create an access token? - facebook

I am a bit confused about the facebook graph api and access tokens.
I have created a facebook user and a facebook page. Now I want to write an application that lets the user post a message on the pages wall/feed. As far as I understand it right now I need an access token of the user to post a message to the pages wall. To create that I need an app id and app secret. But there is no app, there is just the page and the feed. Do I have to create an app? And how would I connect the app to the page without creating a new tab on that page?

In order to do anything whilst acting as a user, you're going to need an App and the correct permissions from the User. Read more about Authentication here

Related

Auto Posting to Multiple Facebook Pages using Graph API - Auth Issues

I am pulling my hair out trying to understand what Facebook wants me to do to post to a FaceBook Page as a System User that has Admin and Page Privileges to and Owned by our business (We have Facebook Business Manager).
In a nut shell all I want to do is make this call:
https://graph.facebook.com/v2.5/${MyPageID}/feed
What I don't get is the access_token part.
I can generate access tokes for Apps, for Pages but all result in 403 returned from FaceBook. I have gone as far and checking every box available on the generate access token popup on the graph api and still I get 403 "Forbidden" so I am detailing the little I understand of the insanity that is FaceBook Auth in the hope that someone can explain where I am going wrong.
1) To Post as a System User to a Page I have to Create a FB App (I Would prefer just to post direct to the pages and skip the App part, My System User has Admin Access on All pages)
2) To Access the App I need an App Token.
3) To Create an App token I need a User Token.
4) To Create a user token I need to log in to Facebook and have all sorts of permissions on the App. (I can't log in as the System User! FB asks me to login as myself. I am not sure if this breaks the Auth Token generated?)
5) Then there are all sorts of swapping tokens to get a Permanent App token, Another point of potential failure!
6) IF the stars and moon align and you stand on your head the permanent App key can be passed to the above call as the access_token
I don't understand how to link the Pages I want to post to with the App created. Do I have to have 1 App for Each Page?
I have got one page to work, We initially used that App to Auth against the Instant Article Graph API:
https://graph.facebook.com/v2.5/${MyPageID}/instant_articles
I could not use the above token for the /feed url, I had to generate a new token with extra publish permissions and the page published with no problems, however when I change the ${MyPageID} to another page using the same access_token I get the 403.
I tried Creating a new App, I have no clue how they link to a specific page So the App to me seems sort of redundant.
Any help with what I am doing wrong or how I can go about simply posting to various FB Pages with a System User using the /feed api ?
The calls are made form a Spring Boot Java APP using HTTP Posts.
How to get a System User Auth and Page Auth:
1) Generate a User Token for an App (Button above the System User):
https://business.facebook.com/settings/system-users/${System User ID}?business_id=${your_business_manager_id}
System user has Page Admin on each page you need to post to.
App is just an FB app, not sure what it does other that it is a grouping I generate a token against.
I chose: (manage_pages, publish_pages, publish_actions, pages_manage_instant_articles, pages_show_list)
2) Check your access token:
https://developers.facebook.com/tools/debug/accesstoken/?access_token=${The access token you got from the step above}&version=v2.12
This will provide you with the App ID the Token is for and how long it lasts (we need a Permanent token)
3) Using Graph API Explorer gets the Accounts this token has access to:
https://developers.facebook.com/tools/explorer/${Your FB APP ID}/?method=GET&path=me%2Faccounts&version=v2.12
4) Using the output above find Page Auth for each page you wan to publish to
5) Post to each page in turn:
https://graph.facebook.com/v2.5/${MyPageID}/feed

Do review required if we want to get Facebook Page like count (Without Facebook login) by Facebook app token?

I am doing a static web page in my website, in which I am showing the like count of particular Facebook page. There is no kind of login required to see this web page. Also, I don't want to user to login with their Facebook account to see the Facebook page like count.
I have implemented this requirement by using Facebook app token.
API: "https://graph.facebook.com/PAGE_ID?access_token=APP_TOKEN"
But the problem here is, If I use the app token of already approved app by Facebook with some permissions (manage_pages) exists, it works. It is not working for the app token of newly created Facebook app.
I have sent the app for review to Facebook by requesting manage_pages permission, but they rejected the app and said that my website doesn't have the Facebook login functionality implemented.
Since it is not documented clearly, I have a doubt that do the app need to send for review if I want to get the Facebook page like count without Facebook login (By using Facebook app token)? If yes, what permission do I want to request?
Any help would be much appreciated.
First of all, you need to learn what Tokens there are:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
For your problem, you can just use an App Access Token. There is no need for any permission or Login Review, the links above tell you exactly how to create one. Make sure you never use the Token on the client, especially because it includes the App Secret. Do the API call on the server only (file_get_contents or curl, if you use PHP).
If by "it does not work" you mean that you only get the id and the name, then it´s not about "not working", you need to read the changelog and search for "Declarative Fields": https://developers.facebook.com/docs/apps/changelog#v2_4
So if you want to get more than just id and name, the API call would be like this: https://graph.facebook.com/936299239766048?access_token=YOURAPPTOKEN&fields=id,name,likes,...

how to request permission to post ads on a page as an app?

I'm working on a facebook app that posts newsfeed ads, and I have been banging my head against the wall for the last few days, the work flow should go like this:
User provides his page id.
The App requests authorization to post ads on the page. stuck here
App verifies that the user authorized it.
App creates adcreatives using the user's page_id in the object_story_spec call to /adcreative using the app's ad account.
I went through How to post to page as an app?'s docs, couldn't figure it out.
the app is written in Go, however if you can provide a code sample it doesn't matter what language you use, I just need the basic work flow.
Not sure what you want to do exactly, but if you want to create ads (for am ad_account/user) via an app, you'll need the ads_management permission during Facebook Login.
How you manually create a login flow can be found in the docs as well.
See
https://developers.facebook.com/docs/facebook-login/permissions#reference-extended
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow

Posting to a Facebook Page Wall from a Web Server

I've been reading documentation and Stack Overflow link all morning, but I'm just not understanding the correct process to authorize a web server to post to a Facebook page wall.
What I'm not clear on is why I have to post to Facebook as a Facebook User, using an access_token, meaning that this user has to log into Facebook manually to authorize my app.
I'm not trying to authorize a User, nor any of my visitors to do anything with their accounts, so I don't need any permissions from them. Instead, I'm trying to authorize my Web Server to post updates to its wall as a specific Page.
Why do I have to use a user access_token to do this? I'm not attempting to impersonate the user, I'm trying to post to the page as the page...
Is it possible to authorize a user and get their access token without having to create a login page on the Web Server? I don't want to have to require the user to login to make this work, I thought that was the point of having an app ID and Secret?
I guess my question is this: Is it not possible to allow a web server to post to a Facebook page wall as that page, without having to present a login dialog to a specific user? If it is possible, what is the correct workflow to set this up?
In order to post to a Page as a Page, you have to use a Page Access Token. You get that with a User Access Token, and you can extend it so it will stay valid forever.
Steps:
Request a User Access Token with the manage_pages permission (valid for up to 2 hours)
Extend the User Access Token (valid for up to 60 days)
Get the Extended Page Access Token for your Page with the User Session
Store and User The Page Access Token in the publish call
It may sound a bit complicated, but there are many tutorials for this and you don´t actually need to program it, you can just use the Graph API Explorer.
Here are some Links about the Access Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/ (see "Extended Page Access Token" for a step by step tutorial)

facebook: how to store and retrieve access_token on server side?

I am trying to understand, how facebook authentication works and how the flow should look like. I am working with Google App Engine and I have managed to obtain first the code and then access token. Using it I can for example retrieve user's friends list. This is all cool.
However, how can I store this access_token? I wan to allow my user to access different pages in my facebook app and I will need this access token on those pages. How can I store it and how can I retrieve it? Or maybe no matter which page user accesses I first need to get the code and then access token and only then can I perform some operations on his behalf?
I don't want to use javascript sdk for now. Is it possible to do it all from server side?
how can I store this access_token? I
wan to allow my user to access
different pages in my facebook app and
I will need this access token on those
pages. How can I store it and how can
I retrieve it?
just store the access_token in the datastore.
https://github.com/facebook/python-sdk/blob/master/examples/appengine/example.py
line 50.
It is from the facebook python sdk.
https://github.com/facebook/python-sdk/
If you don't want to use javascript sdk, you need to see this document. It has all details for facebook Oauth.
http://developers.facebook.com/docs/authentication/
While facebook redirect your user to your page assigned by redirect_uri. It will give your the code (A_CODE_GENERATED_BY_SERVER), then your server can get the user's access_token/facebook id with server side facebook api + code. Then you can login your user (set the session/cookie) and do whatever you want.