We have many client accounts that have recently started returning permissions errors when fetching post details using a page access token with manage_pages permission. Many other client accounts do not have this problem.
The specific error message returned is as follows, (page and post ids blanked)
/_?fields=shares,reactions,sharedposts returned error (#10) This endpoint requires the 'manage_pages' or 'pages_read_engagement' permission or the 'Page Public Content Access' feature. Refer to https://developers.facebook.com/docs/apps/review/login-permissions#manage-pages and https://developers.facebook.com/docs/apps/review/feature#reference-PAGES_ACCESS for details.
In our api call we are presenting a recently connected and valid page access token with manage_pages permission; can you provide any advice about how to further diagnose this?
Related
I have approved access to Facebook user_videos permission. This is supposed to give me access to the user/live_videos endpoint. However when my users hit this endpoint the exception is returned from Facebook.
(#10) To use live-video-api on behalf of people who are not admins, developers and testers of your app, your use of this endpoint must be reviewed and approved by Facebook. To submit this feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review
If I hit this endpoint with my account I can access my live video just fine. But not with other users who have authorized access to the user_videos permission.
Approved permission
Why would I not be able to access the users live videos using $fb->get('/{user-id}/live_videos'?
Instead I get the exception.
How can I get a Facebook access token that will grant permission to request information on events that the user has RSVP'd to (interested or attending)? My current method works for my user, but not other users.
My current method:
I'm using the Facebook Javascript SDK to log in as a user, get an access token, and then query the graph API to get data about events that the user has logged into.
The route I'm hitting to get event data is (pseudo):
https://developers.facebook.com/docs/graph-api/reference/v2.12/event
Or in my code (pseudo)
https://graph.facebook.com/v2.12/{event-id}?{access-token}&fields={fields}
When the app logs in as my own user (also admin of app), I get an access token that can be used to query the event route successfully, but when it logs in with another user, I get a failure when hitting the event route with the API token I receive:
"Unsupported get request. Object with ID '466582570713258' does not exist, cannot be loaded due to missing permissions, or does not support this operation."
According to Facebook's API documentation, it states that my app needs the user_events permission to hit the event api endpoint that I'm looking for:
https://developers.facebook.com/docs/graph-api/reference/v2.12/event
I went through the verify process and requested that permission for my app, which now has these approved:
PERMISSIONS
email
Provides access to the person's primary email address. This permission is approved by default.
public_profile
Provides access to a person's name and profile picture. This permission is approved by default.
user_events
Provides access to a person's events.
If I grab the API token I get back when logging in as a user (other than myself), it does say that user_events scope was granted, which would seem to be sufficient to get a response from the event endpoint. But it is failing as above.
Using the Facebook Access Token Debugger I can see I have an access token that never expires.
https://developers.facebook.com/tools/debug/accesstoken/
However using the Graph Explorer I get the error
{
"error": {
"message": "(#10) To use 'Page Public Content Access', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Page Public Content Access' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.",
"type": "OAuthException",
"code": 10,
...
}
}
This was previously working, has something changed with Facebook? The only other thing that has changed is that my access to the Facebook App was removed then reinstated, so I now use a different access code.
Please could anyone advise what I need to do to resolve this issue, I previously did not need Facebook review to use this API last month.
Thanks
Edited: the login required screen when requesting a Page Access Token:
This is not about expiry of the token.
Facebook has restricted API access to the data of any public pages - you now need to get your app reviewed for the use of the feature “Page Public Content Access”, before you can use it.
https://developers.facebook.com/docs/apps/review/feature#reference-PAGES_ACCESS
Without getting this reviewed, you can only access data from pages you have admin access to - but that in turn requires the use of a different kind of token then, a page access token. (You presumably used the general app access token, for your requests that have been working up until now. For that to keep working to access public page data, you need to submit for review of the feature.)
Thanks to misorude for all your help. This is what worked for me:
Step 1: ask the business manager to grant the user "Manage Pages" permission on both the app and the page:
https://business.facebook.com/settings/pages/PageID?business_id=BusinessID
https://business.facebook.com/settings/apps/AppID?business_id=BusinessID
Step 2: Create the user access token (select "Get User Access Token" from the "Get Token" dropdown)
https://developers.facebook.com/tools/explorer/
Step 3: Check the user has access by calling your graph method using the temporary user access token
E.g. https://graph.facebook.com/v3.3/PageID?fields=link%2Cpicture&access_token=UserAccessToken
E.g. https://graph.facebook.com/v3.3/PageID/feed?fields=message%2Cfull_picture%2cpermalink_url%2Ccreated_time&limit=3&access_token=UserAccessToken
Step 4: Create permanent user access token
https://developers.facebook.com/tools/debug/accesstoken/
Click "Extend Access Token" at the bottom of the page and debug to reveal the token with expiry: never
I am posting to a facebook page I manage using facebook API. Till yesterday I was able to post using facebook graph API. Suddenly I started seeing the permission issue for publish_pages permission. It is as if this specific permission has been revoked from the token (I verified using token debugger). When I try to generate a new user access token with relevant publish_page permissions, I do not see the permission for publish_page in the graph explorer.
The token I was using was generated using user access token with relevant permission to get a token for page.
From doc I see that we do need App review for publish_page permission. But so do we need it for manage_page permission. My token has manage_page permission and I can see option for this manage_page permission in graph explorer when I generate user access token.
I see option to get publish_page permission when I try to generate token for page. But when I try to select the option I get below error:
Invalid Scopes: publish_pages. This message is only shown to developers. Users of your app will ignore these permissions if present. Please read the documentation for valid permissions at: https://developers.facebook.com/docs/facebook-login/permissions
Do I need to get my app verified before I can post to page I manage?
What else can I try?
There is a bug report about this: https://developers.facebook.com/support/bugs/2261820083829739/
I still get an error for one of my Apps that was working before, so I can confirm that it is still not fixed:
Invalid Scopes: read_page_mailboxes, instagram_basic,
instagram_manage_insights
Edit: Just found another bug report about it: https://developers.facebook.com/bugs/600976503711113/
My application use facebook authentication to ask the user permissions to manage his ads. i use the following scope:'public_profile,ads_management,ads_management'
but in the login window it shows only public profile which will an invalid access token for the ads management.
have a look at this answer https://stackoverflow.com/a/25901780/5410373
the ads_management extended permission is only granted to whitelisted apps. So if the Graph endpoint you're hitting requires that permission then you'll have to get your app approved. Check out the getting started overview https://developers.facebook.com/docs/reference/ads-api/overview
and this answer : https://stackoverflow.com/a/24753070/5410373
All permissions except
public_profile
user_friends
email
require a review of your app by Facebook before you can use them publically. See https://developers.facebook.com/docs/apps/review/login#do-you-need-review