I am using facebook PHP SDK and using that I can able to make request to facebook and get the expended permission from user. After user granted extended permission, anytime user can remove our application or revoke certain granted permission from their settings page, but there is a call back url for facebook to notify, so that and we can track who has removed our application, Suppose some one revoke certain granted permission instead of removing application, How facebook notify us to trace which permission has been revoked by the user?
Is there any other way our app to get to know, what are the permissions user has granted?
Thanks.
-Ravi
You can check if user gave some particular permission with users.hasAppPermission
Related
User_friends is a default permission.
I have tried to remove for the application but the only thing that I realize is that I remove just for one user for me using:
delete user-id/permissions/user_friends.
I would like that my app to never ask this permission for all the users.
So please tell me how to proceed:
what to use at Access Token
what is the query
In API V2.0 and higher there are no default permissions other than basic_info.
Although user_friends is approved by default, unless you're including it in your app's login code, user_friends won't be part of the permissions new users are prompted to accept
I want to get /{user-id}/feed from another user (user B) rather than "me" (user A), but the query returns an empty list.
I'm using the Graph API Explorer to make the queries, and I've got the Access Token with user_posts, user_status and read_stream permissions, but I can't get this information.
In this thread is said that:
Additionally the queried user needs to grant the app the read_stream permission.
In this other thread they said:
If the user is your app user authorized with read_stream permission, then you access the USER_ID/feed. It's because USER_ID/feed endpoint only available if user give permission read_stream to your app. App Access Token is not allow.
If the user is not your app user with read_stream, then you access the USER_ID/links instead. It's because no read_stream permission require to access this endpoint. App Access Token is not allow.
MY QUESTIONS:
Do I really need this other user (user B) to grant this permission to access his feed?
Where can I find official documentation saying so?
As /{user-id}/links seems to be accessible, are posts, statuses or tagged accessible too, or I just can access links without User B granting this permission?
Note:
Since the purpose is to use it in and iOS and Android App I can't use the read_stream permission, so I would use the user_posts which is supposed to be valid as they say in https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed
>
Of course, why would anyone want your App to access his newsfeed without his authorization? Keep in mind that not only the user would be able to access the feed of his friends, but the App too - which means, it would be easy for the App developer to get access.
Should be clear with number 1. Why would there even be a permission if you could just grab the feed from another user with it?
You canĀ“t get ANY data from a user without his authorization, for privacy reasons. Friend permissions are gone.
I'm creating a website that use facebook connect, and I need the publish_action permission for each user, unless, user can't get access to my website.
But when a user register with Facebook connect, the publish_action permission can be skipped ; the request is separated from the read permissions.
This is an example of what I dont want: http://i.stack.imgur.com/mbz8g.png
Is there a way to ask to people to allow publish_action and read permissions in the same text box, without "skip" button ?
You cannot require the publish permission to use your app.
No. People must be able to login to your app without granting publishing permissions.
When the user accesses my apps for the first time, I ask for a couple of permissions (user_checkins, publish_stream, offline_access). After allowing all the permissions the user goes to privacy settings and removes one of the first 2 settings (not offline_access). Facebook doesn't ask him to allow back the removed permissions even if the user logs out and comes back to my applications.
The problem appeared when I started asking for offline access permissions, since the access token is not refreshed the token still contains the permission.
How can I request for a new token for the user with the right permissions?
User will have to delete your application from his approve list and then access your app again. It will ask him to approve new permissions
You can query the /me/permissions graph call (specifying the users access token) and check to see if the permissions you need are there. If they are not, you can prompt them to re-authenticate with your application like you originally did and it will re-prompt them for those permissions.
I am developing a Facebook App which requires some extended permission. The problem is that Facebook doesn't automatically ping my app when those permissions are granted by the user. I have to manually query for them or the user must press a confirmation button to send them to me.
My question is how can I enable Facebook to ping me automatically when permissions are changed. I am using the Facebooker plugin in Rails.
If you are developing a canvas application when a user has granted extended permissions you will begin to receive a parameter specifying which permissions were granted (fb_sig_ext_perms).
You can also use the FBJS function Facebook.showPermissionsDialog which will execute a callback that tells you which permissions the user has granted. Documentation here: http://wiki.developers.facebook.com/index.php/Facebook.showPermissionDialog
For Facebook connect, you can specify a javascript callback for when the user has granted (or chosen not to grant) permission. Documentation here: http://developers.facebook.com/docs/?u=facebook.jslib.FB.Connect.showPermissionDialog