After I add a permission, the user has to remove the app and add it again, in order to grant new permission. The weird thing is that when I request a permission that the user hasn't approved, I don't get an error, but rather only an empty result set.
How do I check if the user approved a permission?
It is quite simple as you can just use the openn graph API to get that information
https://graph.facebook.com/me/permissions?access_token=....
Related
I have authorized my app for several Facebook permissions using my own user account. If I look at the UI, I can see those permissions granted.
If I pull the permissions from the API, it shows many of these same permissions as declined for my user.
That's an API call through the Graph API Explorer using my app's token. I get the same results using cURL.
Some of these permissions require approval from FB, but they have all been approved.
It feels like I'm missing something here. Why does the API return different results than what is shown in the UI? I'm hoping to use the API to see which permissions a user has granted for my app and to ask for a new one if they haven't already granted it. If I can't get accurate results from the API, this won't work.
This happened because I had the wrong Facebook user ID. I used a web site to find my ID which gave me the wrong ID. I found my ID in my app's database, and this returned the correct results from the API.
How do you remove access to a Facebook app based on the client_id it used?
E.g. assuming someone clicks on a link that looks like this:
https://www.facebook.com/dialog/oauth?client_id=client_id_string&redirect_uri=
https://www.facebook.com/connect/login_success.html&scope=basic_info,email,public_profile,
user_about_me,user_activities,user_birthday,user_education_history,user_friends,
user_interests,user_likes,user_location,user_photos,user_relationship_details&
response_type=token
and all they have is the client_id_string how do they then revoke access via Facebook?
https://developers.facebook.com/docs/graph-api/reference/user/permissions
See "Revoking Permissions" in the docs. You can´t remove the App itself, but you can remove permissions.
You can revoke a specific permission by making a call to a Graph API
endpoint:
DELETE /{user-id}/permissions/{permission-name}
This request must be made with a user access token or an app access
token for the current app. If the request is successful, you will
receive a response of true.
We have user_status permissions for one of our apps. Graph API 2.2 is being used to get user statuses (https://graph.facebook.com/v2.2/me/feed?access_token=".$access_token). It returns empty data sets for SOME users (I get public profile info for these users but not status data). The app is live and the review team has granted permissions for user_status and user_likes. (user_status is passed to the scope). Is this a bug or User_status is dependent on some other permission? Why does it happen for some users and not all?
As #CBroe mentioned, you should inspect the Access Tokens with /me/permissions to see if they really contain the user_status permission.
I wonder why you're using /me/feed instead of /me/statuses. Maybe this has an effect as well.
See
https://developers.facebook.com/docs/facebook-login/permissions/v2.3#reference-user_status
https://developers.facebook.com/docs/graph-api/reference/user/statuses/
It want to access the posts of the FB page owned by me using the graph api version 2.0 .
I know how to do it, I have the code but the issue I am facing is that I need to submit my app for review as manage_accounts permission is granted only after the app facebook
Can I do this without getting the app reviewed as I need it by tomorrow?
I get the following error in the graph api explorer for this query:
QUERY: me?fields=id,name,accounts{access_token}
Error
The field 'accounts' is only accessible on the User object after the user grants the 'manage_pages' permission.
Please let me know if there is a way around this?
Thank YOU
It is manage_pages, not manage_accounts. You can use manage_pages for everyone with a role in the App (Admin, Developer, Tester). If you want to make your App available for all users, you have to go through the review process with manage_pages.
Either way, you have to authorize the user with manage_pages, that´s exactly what the error message tells you.
I want to get /{user-id}/feed from another user (user B) rather than "me" (user A), but the query returns an empty list.
I'm using the Graph API Explorer to make the queries, and I've got the Access Token with user_posts, user_status and read_stream permissions, but I can't get this information.
In this thread is said that:
Additionally the queried user needs to grant the app the read_stream permission.
In this other thread they said:
If the user is your app user authorized with read_stream permission, then you access the USER_ID/feed. It's because USER_ID/feed endpoint only available if user give permission read_stream to your app. App Access Token is not allow.
If the user is not your app user with read_stream, then you access the USER_ID/links instead. It's because no read_stream permission require to access this endpoint. App Access Token is not allow.
MY QUESTIONS:
Do I really need this other user (user B) to grant this permission to access his feed?
Where can I find official documentation saying so?
As /{user-id}/links seems to be accessible, are posts, statuses or tagged accessible too, or I just can access links without User B granting this permission?
Note:
Since the purpose is to use it in and iOS and Android App I can't use the read_stream permission, so I would use the user_posts which is supposed to be valid as they say in https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed
>
Of course, why would anyone want your App to access his newsfeed without his authorization? Keep in mind that not only the user would be able to access the feed of his friends, but the App too - which means, it would be easy for the App developer to get access.
Should be clear with number 1. Why would there even be a permission if you could just grab the feed from another user with it?
You can´t get ANY data from a user without his authorization, for privacy reasons. Friend permissions are gone.