Facebook Graph API - permanent user access token for app (not page) - facebook-graph-api

I have a user access token for our App that expires in 60 days, but we have about 30 pages under this App. I know there is a way to create a permanent token for each Page, but is there a way to create a permanent token for the App?
Also I know I can generate an App access token here:
curl -X GET "https://graph.facebook.com/oauth/access_token
?client_id={your-app-id}
&client_secret={your-app-secret}
&grant_type=client_credentials"
but when I try to make a request for /me/accounts in the GraphAPI I see the error:
{
"error": {
"message": "An active access token must be used to query
information about the current user.",
"type": "OAuthException",
"code": 2500,
"fbtrace_id": "Ab7EmJxQqOjyA5dLz71Cokb"
}
}
So I think I need to stick to a user access token, but I need to find a permanent one

Related

How to like on behalf of the user - Facebook Workplace API

While working with the Facebook Workplace API liking an object (post, comment, photo..etc) can be done by passing the Admin Access Token, I'm trying to figure out how to do it on behalf on the user for a feed / comment posted into a group.
The docs mention getting the Page Access Token to perform this action but a Group doesn't have an Access Token & doesn't really solve what I'm going for anyway.
I've tried getting the User Impersonation Token from the API using the Admin Token but posting to the likes graph endpoint results in a publishing error.
POST /https://graph.facebook.com/{COMMENT-ID or POST-ID}/likes
HEADERS: Authorization Bearer "{IMPERSONATION-TOKEN}"
Error Response:
{
"error": {
"message": "(#3) Publishing likes through the API is only available for page access tokens",
"type": "OAuthException",
"code": 3,
"fbtrace_id": "CGpXtFWrwiA"
}
}
Again this works fine using the Admin App Access Token but not on behalf of the user. Also a group doesn't have an access token unlike a regular FB Page.
Any help on this would be great!

What permissions are needed to call /{page-id}/ads_posts on Facebook Graph API?

I'm trying to list the Ads for a Facebook Page using the Graph API /{page-id}/ads_posts endpoint, but I get a permissions when I try to.
Using the Graph API Explorer, I generate an Page Access Token with those permissions: email, read_insights, manages_pages, pages_show_list, ads_read, business_management, instagram_basic, instagram_manage_insights and public_profile.
I'm an admin on the Page itself, the attached Business Manager and on the corresponding Ad Account.
Every time I try to call the /{page-id}/ads_posts, I receive
{
"error": {
"message": "(#200) Not enough permission to call this endpoint",
"type": "OAuthException",
"code": 200,
"fbtrace_id": "XXXXX"
}
}
I can't find any help on the Facebook documentation or Google, given that the error isn't really meaningful (in some cases, I get a message saying that a specific permissions is missing, but not here). Anyone can help ?
EDIT: I tried to add the ads_management permission too, without success.
You need to add those pages to your app that is in development mode (https://www.facebook.com/settings?tab=business_tools).

What privileges are required to call the directory.user.update api?

Our organization uses SAML for SSO into Google Apps. In order to use SSO we must manage the change password functionality through APIs. Since the Provisioning API has been deprecated in favor of the Admin SDK Directory API, I am developing against this API.
The flow I am developing is that the end user will login using Google OAuth2 into my application. Then, using the users access token I am attempting to call the https://www.googleapis.com/admin/directory/v1/users/ API to put a new password, but I get an error 403 "Not Authorized to access this resource/api".
My question is, what privilege is required for the user to be able to update their own password? When calling this API with GET I am able to retrieve my user information successfully, but trying to put a new password (or any other field for that matter) fails.
Here is an example of my request and response:
Request:
PUT https://www.googleapis.com/admin/directory/v1/users/user%40domain.org?key={YOUR_API_KEY}
Content-Type: application/json
Authorization: Bearer ya29.AHES6ZT_7onp48edpClD72X-*************************
X-JavaScript-User-Agent: Google APIs Explorer
{
"password": "wlKsf.##2af"
}
Response:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Not Authorized to access this resource/api"
}
],
"code": 403,
"message": "Not Authorized to access this resource/api"
}
}
Only super admins, delegated admins and resellers can access the Admin SDK Directory API.
I suggest creating a delegated admin that only has access to update users via the API and then having your web application utilize an OAuth token created for this delegated admin.

How can i POST a reply on a comment in Facebook via Graph API?

I use page/user token:
request: https://graph.facebook.com/OBJECT_ID/comments?access_token=ACCESS_TOKEN
OBJECT_ID = FACEBOOK_COMMENT_ID
result:
{
"error": {
"message": "(#10) ",
"type": "OAuthException",
"code": 10
}
}
But if i try to use public token (generated via Graph API Explorer without permissions), reply is successfully. Any ideas?
what kind of access token do you used either it is short lived or long lived token .
If it is short lived then it will give you error after 1hr . and not allowed you to access user details.
At first you must make video with your Test application with status on developing, and send to Facebook inspection (manage_pages, publish_pages); after approval everything will work.:

How to obtain a long lasting Facebook Access Token?

Main objective: How can I get an access token with unlimited validity for a facebook app?
Background information
We have a FB app called MyApp with the following set up:
MyApp is authorized to interact with our facebook app
MyApp has access rights to manage our pages (manage_pages)
MyApp has access to Insights (read_insights)
Our goal is to extract the Insights data automatically, e.g. once every night.
Attempt with oauth generated app token
Get APP_ACCESS_TOKEN belonging to MyAPP
graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=client_credentials
example of retireved token: 328467452729456598|Wn2Gt69Ofg5ySdOGa3TsP2p4R
Use APP_ACCESS_TOKEN to get PAGE_ACCESS_TOKEN for each page
graph.facebook.com/me/accounts?access_token=APP_ACCESS_TOKEN
Use PAGE_ACCESS_TOKEN to get the page’s Insights data:
graph.facebook.com/YOUR_APP_ID/insights?access_token=PAGE_ACCESS_TOKEN
My problem is that the APP_ACCESS_TOKEN I get from step 1 seems to be missing the user part of the token, resulting in the following error when running step 2:
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500
Attempt with token retrieved from Graph Explorer API token
If I use the APP_ACCESS_TOKEN gained through the Graph API Explorer (https://developers.facebook.com/tools/explorer), I get a token with the user part that is significantly longer.
If I use this token in step 2 and 3, I get correct data, but all tokens are only valid for 2 hours, and subsequently I cannot use this for automated retrieval of insights data.
Attempt with exchanging short lived token for long lived token
Following the steps outlined in this guide: https://developers.facebook.com/roadmap/offline-access-removal/#page_access_token, I tried to exchange a short lived token for a longer lived one.
If I use try to exchange the token obtained from the oauth process, I get the error:
"message": "No user access token specified",
"type": "OAuthException",
"code": 1
If I use the token obtained manually from the Graph explorer in the exchange method, I can get the other steps to work as well, but for how long does this new token last? If the token expires after x days or after the some other event, I would still be faced with the issue of obtaining the initial token programatically (as opposed to manually every from the Graph Explorer).
So does anyone know how I can get a long-lived, automatically retrieved token to solve this?
Thanks!
This shell script attempts to help generate access tokens:
https://github.com/dncohen/fb_token
In step 2, you must use the user's access_token to access the /accounts API endpoint. You cannot use the App Access Token here.
What you should do is:
Get the user's access token from Facebook
Exchange the access_token for a long-lived token
Call /accounts to get a long-live page access token
Access page insights using the long-lived token until it expires
Repeat steps 1-4.