We have users that logged in to our website through Facebook Connect. Now we'd like to contact those users about changes as we indicated in the signup process, but we don't have their email addresses. Only their Facebook ids.
How can we contact them? I understand Facebook removed 3rd parties' ability to send notifications through Facebook's API. We can send them a message through the API either.
So I guess we're left with posting to their wall from a user account of ours. I assume there's a low limit to how often we're allowed to do that and is that even permitted? Or we can make an application request from this designated facebook user account which would show up in their notifications.
Finally, we could manually go to the user's profile page and then click the "send a message" button from our facebook user account... A lot of manual work and I assume this is frowned upon as well. Is there an easy way to find out the profile page URL from a Facebook id?
What's the best approach here where we don't break any rules?
If you are getting stream_publish extended permission in your profile then you can simply post on there wall see this http://developers.facebook.com/docs/reference/rest/stream.publish/
Alternatively this can be a better solution if the user do not granted any extended permission
http://developers.facebook.com/docs/reference/rest/livemessage.send/
you should get "offline_access" from the facebook user requests to post at anytime.
Related
Our application runs multiple sites for multiple customers. One service we offer is to write and post social media for our customers. We also allow the customers to do posts themselves through the application admin.
In order to facilitate the non-automated posts for customers, one of our users has access to the pages of many customers through her Facebook login.
The problem comes if she uses our application to generate an auth token through the admin area of the customer's site.
The application sends its own appID and secret key to Facebook, and the user receives the Facebook login page.
However, she used to be able to choose which page/customer she wished to log in to. Now, once the login data is submitted, Facebook immediately sends a token back to the "return URL." There's no opportunity to choose which Facebook page the auth is for.
The token appears to be linked to the user's "main" page (which is a page of ours).
Obviously, we need to be able to say "I'm logging in to Facebook page X of the many pages I'm authorized for."
Just to be clear: this is not an issue regarding authorization for our application in general. It's the specific case when the Facebook login is attached to multiple pages.
Can anyone give me some advice, please, even if it's just a link to an appropriate spot in the API docs? I've had no luck searching them.
Thanks,
Tom
Edit: First, to the question about "multiple domains": perhaps I shouldn't have put that in the title, since it's not relevant to Facebook per sé,
We host many clients who obviously have many domains. They administer their site content through a CMS which can, among other things, work with Facebook. A client often has a Facebook page; so for us at least, there is often a one-to-one correspondence between a client's site/domain and her/his Facebook page.
When someone goes through the process in question, s/he is administering the site, but may be attempting to post to a Facebook page. And one of our in-house admins has access to many clients' Facebook pages.
So let me rephrase: the admin logs in to a client's site. She attempts to authorize our application to post to that client's page. Our application sends its id/key data to Facebook, and she is taken to the login page.
The question is, how do we let Facebook know that we are seeking authorization to post to one of the many accounts/pages she can access?
Thanks for the help.
As pointed out by CBroe in the comment, if you want to post as a page, you need to have a page access token of the page that you admin. Once you have granted manage_pages permission to the app, you can call the /me/accounts edge to get the list of all pages that you admin and their access tokens.
You can then use the page access token of the page to post on behalf of the page. Note: You will need publish_pages permission in addition to be able to post on behalf of the page. Permissions are documented here.
I have a website where users can log in with the Facebook oAuth API.
Once the user logs in or registers via Facebook it is stored in my database.
But what I'd like to achieve is, once the user goes to his Facebook application settings page and removes my website app permissions, the used should also be deleted from my database.
Is there any work around to this problem, if this is not possible via the Facebook oAuth API?
You can add Deauthorise Callback URL by Navigating to Settings > Advanced section of your application. Whenever a User Deauthorises your Facebook app, Facebook performs a HTTP POST of signed request to your URL. You may use the field user_id to determine which User has deauthorised your app.
Actually, I would do the following:
Add a date to his last log in to your site.
Have cron job check for old, unused accounts.
Send an email to the user's email address (or Facebook message mail) telling him his account is due to expire soon.
Delete account from database.
I'm browsing some news sites and most of them have the option of posting the link on your facebook wall. Or retweeting it. Or to other social media sites.
How do they get the user to authenticate themselves? I just push a button and it asks me to log in, and then it creates a new post on my facebook wall.
I want to reproduce this behavior but don't know where to start.
Read the facebook information for developers here It allows you to create actions that users can do on your site like reading an article or post a photo and it will add it to their facebook profile. There is also the capability for users to register or login to your site using their facebook credentials.
Similarly go here for twitter.
These sites are all using OAuth. It basically involves the transaction of a request for an access token from the site you are logging in through. Your users validate that they approve the validity of your request by authenticating with the third party system such as Twitter or Facebook and then these systems return a token that allows you to read/write/modify user data from these sites on their behalf.
I'm developing a website where the user can either sign up creating his own profile or can sign in with FB or Twitter.
The thing is I don't really know how to manage it, for example: let's say my user signs up through the website and creates content, what happens if the user later decides to sign in with FB or Twitter? How can I keep it all unified?
I know I could just do the Twitter sign in, get the data from twitter and create a profile in my DB for the user with his Twitter handle, don't know how I'd deal with later if he wants to just log in through the site.
Anyone have any ideas?
So he later signs in with Twitter or Facebook. I think you have a couple of options in this case. Allow the ability to link accounts together once the user signs in with any one method. Say they sign in with your sites registration, let them hit a page where they can add in other linked accounts like Twitter and Facebook once they are in their logged in state on your site. See the friendfeed model for inspiration. Or, like we did with ucubd.com/index.aspx - let the user sign in with facebook and regsister an account on their behalf and ask for their email as the login credential. If it's found - great. If it's not ask for a password. This will allow the user to either login with your sites registration method or through facebook. You will have the information in your database to link both of them together.
Every account on your system will have an e-mail address. Every account with FB, Google, Twitter is also linked to an e-mail address. What you will need to do is link the accounts based on e-mail address. That way you will never get duplicate accounts.
I have implemented Facebook Open Graph Protocol Full Integration following the http://developers.facebook.com/docs/opengraph/ and http://www.websitedesign411.com/blog/facebook-open-graph-protocol-full-integration-walkthrough.
How can I get user e-mail addressess that clicked the like button for certain blog entries or pages?
You can't. Access to the email address requires prompting the user for extended permissions. You can't get that information through a simple "Like" action. That would be a spammers dream!
http://developers.facebook.com/docs/authentication/
I don't believe you can access a facebook user's email address just because they clicked on your Like button. What you will need to do is get the user to authenticate to your application using facebook connect (usually by clicking on that blue "Connect" button), and in the process you can prompt them to share their email address. Email is an 'extended permission' so you need to ask explicitly for it.
You can implement this authentication bit easily enough with the facebook javascript SDK:
http://developers.facebook.com/docs/reference/javascript/
Once the user has authenticated to your application allowed access to their email you can can fetch their email address via the graph api:
http://developers.facebook.com/docs/reference/api/user/
The easiest way to communicate with folks who like your page is to post interesting messages on your page's wall leading them to your facebook app.
You then get them to authorize your app (with or without extended permissions).
Once authorized, you are able to communicate several ways like:
using livemessage
http://developers.facebook.com/docs/reference/rest/livemessage.send/
create an event and add their user id to it.
BTW, the way to get their user ids is:
1) getting the object id of your page/url using
https ://graph.facebook.com/?id={URL}
2) retrieving the user ids via
https: //graph.facebook.com/{mypageid}/likes