At the moment I use the facebook api to read out the posts of public pages via //posts. I use this data to show on a display in the store the latest facebook post that the store placed on their page.
we have a lot stores that use this, but of most pages I don't have an access token so I use the app access token to read it. However I did receive a warning that I need to request the "Public page content" permission. So I requested it but denied with message "We determined that your app's use case for this permission is invalid, or it's not needed to support its core functionality."
I think I needs this permission, I also think this is an allowed use case.
I did explain why I needed the permission, and uploaded a screencast of how the screen looks like.
Am I missing something? or do I not need the permission to read public posts of a page? (Wish the explanation was better why the permission was denied)
Related
Our team is creating an app that analyzes Facebook reviews/recommendations. We have submitted an initial version of the app to FB for approval to use Page Public Content Access (PPCA), and have been approved. However when we started testing it after approval and after going to Live mode, we have not been able to generate any tokens that enable us to access the public content we are looking for.
There was a similar question posted recently, 54943575/facebook-graph-api-review-rating-data-with-page-public-content-access. However the answers that appeared for that one said that you can't access this content without manage_pages permission for each individual page, while the FB documentation clearly says you can do so with the Page Public Content Access: "Allows read-only access to public data on Pages for which you lack the manage_page login permission. Readable data includes business metadata, public comments, posts, and reviews." It is true that you need manage_pages in order to write, e.g. delete or post, content to any pages. The documentation also says that with PPCA permission, an allowed use is "Provide aggregated, anonymized public content for competitive analysis and benchmarking", for which clearly you would not be able to get manage_pages permission for all pages you access.
What this question boils down to is this" is the FB documentation for PPCA correct, and if so, how can we generate the access token(s) needed to use it, now that we have it?
Update: the following graph call (from the FB Graph API SDK for Python) that retrieves "posts" does work:
page_posts = graph.get_connections(id=getpage_id, connection_name='posts')
While the following one that attempts to retrieve reviews/ratings, does not:
page_reviews = graph.get_connections(id=getpage_id, connection_name='ratings')
The latter call produces the error:
(#210) A page access token is required to request this resource.",
"type": "OAuthException",
The Facebook Developers documentation says that the Page Public Content Access applies to ratings as well as posts, but this appears to contradict that, unless we are calling the graph incorrectly here.
You can only get a Page Token of Pages you manage - for other Pages (and Page Public Content Access), you can just use an App Access Token. More information: https://developers.facebook.com/docs/facebook-login/access-tokens/
For ratings/reviews, you MUST use a Page Token. Page Public Content Access only gives you access to the Page feed and photos, for example.
I am using PHP for accessing Facebook friends location. I want to access location of all friends. I read that it requires "access tokens" to get client's public information from here
https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
and here
https://www.sammyk.me/access-token-handling-best-practices-in-facebook-php-sdk-v4
Is that token will be provided by Facebook at that instant of time or my app needs to wait till friend's approval.
I saw this post on stack overflow: How to get user access token?
But i still i can't figure out what if friend is offline. How that token will be passed to my application?
Or is it like that "Tokens are generated by Facebook at time when my application made the request but i can only access the user information later using the same token if he has given permission (when he gets logged in)".?
I am unable to find any explanation regarding this.
Thanks.
You canĀ“t get the location of friends at all. Friend permissions have been removed for privacy reasons, you can only get data of users who authorized your App too. Check out the changelog for more information: https://developers.facebook.com/docs/apps/changelog
That being said, there are different Access Tokens. You can get an App Token without authorization, but you need to implement an authorization process for User or Page Tokens.
More information:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
During the past couple of weeks I've been sporadically downloading posts from a couple of Facebook pages with this call:
https://graph.facebook.com/105317422843784/posts
Everything was working fine and I would get the usual json response of public posts (which doesn't require authentication afaik).
Now I get this:
{
"error": {
"message": "An access token is required to request this resource.",
"type": "OAuthException",
"code": 104
}
}
I haven't changed anything in my code, and I tested in two different browsers and two different machines with the same result. I don't think I've hit any limits (I'm using the API very seldom). I can't find any changes made to the API either.
Is anybody else having trouble with this? Can anybody point me to a lead?
Taken from the documentation on: https://developers.facebook.com/docs/graph-api/reference/v2.2/page/feed/
An access token is required to view publicly shared posts.
A user access token is required to retrieve posts visible to that person.
A page access token is required to retrieve any other posts.
Looks like you need an access token.
From today, in order to get posts from public pages through Facebook Graph, we always need to use Access Tokens.
New Permissions
An access token is required to view publicly shared posts.
A user access token is required to retrieve posts visible to that person.
A page access token is required to retrieve any other posts.
Old Permissions
An app or user access token is needed to view fields from fully public pages.
A user access token is needed to view fields from restricted pages that this person is able to view (such as those restrict to certain demographics like location or age, or those only viewable by Page admins).
A page access token can also be used to view those restricted fields.
Facebook is going through an entire change with their recent conflicts and allegations. They have stopped all API pulling for now and the access will be given again once all your Facebook Developer apps are reviewed by them.
I've tried do develop automatic code that would fetch data from ads campaigns under account. My plan is to have server that would query every day to get data from impressions/clicks/costs of ads and save it for later use.
I use https://developers.facebook.com/tools/explorer to get access_token for getting data (insights) from those campaign pages but when I log out to try offline_access it tells access_token is old, cause of password change or access_token getting outdated.
Isn't the whole point of offline_access to grant acccess when user is not logged in?
And besides that.. what's with most of my calls ending having reply as follows:
"(#294) Managing advertisements requires the extended permission ads_management, and a participating API key"
I've given access_token that has ads_management, but I have no idea what this Participating Api key even means. Do I need to add this to url call or something? Where do I get this Api Key?
Edit: I want to be able to get data from add campaign pages, so I'm not talking about Apps in page
You will want to read up on the deprecation of the offline_access here: https://developers.facebook.com/docs/offline-access-deprecation/
But most importantly follow the guide here on how to handle invalid access tokens:
https://developers.facebook.com/blog/post/500/
You app is to monitor the error messages coming back from the API and handle it gracefully.
I have the same issue and I found this bug can be reason of our problem. It's already accepted and assigned, but still not solved. I hope it's really bug and not a secure hole, that was closed :)
I really surprise when use http://www.friend.ly site. I'm login Facebook and after go to http://www.friend.ly. I'm surprise because I don't confirm extended permission but this site can get email, address... Any ideas?
My Information
Information get from friend.ly site
They are using the Facebook Registration Plugin which basically renders an iframe from Facebook's server. Due to cross-domain browser restrictions, they can't actually access any of that data until you submit the form by clicking the register button.
If you read the section on the Graph API documentation about authorization you'll see that if they're using an OAuth 2.0 access token then they can retrieve any information that you have publicly available without your authorization. You can see the examples below.
The Graph API as such allows you to easily access all public information about an object. For example, https://graph.facebook.com/btaylor (Bret Taylor) returns all the public information about Bret. For example a user's first name, last name and profile picture are publicly available.
To get additional information about a user, you must first get their permission. At a high level, you need to get an access token for the Facebook user. After you obtain the access token for the user, you can perform authorized requests on behalf of that user by including the access token in your Graph API requests:
https://graph.facebook.com/220439?access_token=...
For example https://graph.facebook.com/btaylor?access_token=... (Bret Taylor) returns additional information about Bret Taylor.
The Graph API uses OAuth 2.0 for authorization. Please read the authentication guide which provides details of Facebook's OAuth 2.0 implementation, how to request permissions from a user and obtain an access token.
Getting an access token for a user with no extended permissions allows you to access the information that the user has made available to everyone on Facebook. If you need specific information about a user, like their email address or work history, you must ask for the specific extended permissions. The reference documentation for each Graph API object contains details about the permissions you need to access each connection and property on that object.
This quote is from the facebook documentation located here:
https://developers.facebook.com/docs/reference/api/