I am trying to pull information(name, posts, email, etc) of arbitrary public Facebook accounts. I have a Facebook App. However, I am unable to pull anyone's data because there is no "universal access token" that would allow me access every public account's data.
To test the app, I made a dummy Facebook account and gave that account a developer role in the app. Based on Facebook documentation, since my app is in development mode and the dummy account has a role in the app, I should be able to pull its data. Even with an access token where all of the boxes are enabled, I am still unable to access this data.
Suppose 123456789 is the Facebook id of account I am trying to get info from
Get request from admin account - GET/v3.3/123456789?fields=posts
I expected to get a list of all of the posts from the user; however, I get:
{
"id": "123456789"
}
Is it still possible to pull public account data through Facebook? I know that to do so in live mode, I will need to get Facebook to approve a Page Public Content Access feature, but I am unable to get to that point, because I cannot access public posts in development mode.
If this is about User Profiles:
It is not possible to get ANY data of a user without his explicit permission. You don´t even get an ID of the user without him authorizing your App first. For accessing his posts, you would even need an additional permission (user_posts). For accessing his email, you would need the email permission.
If this is about Pages:
You need to apply for Page Public Content Access in order to get access to posts of Pages.
Related
In our web application a user grants us access to their Facebook account, which gives us their long term access token. The user then makes a choice if the integration should be for their user timeline or for a specific Facebook page that they administrate. If they pick a page then we swap out their user access token with their page access token and go on our merry way. That has been successfully live for a while.
Now I want to add some code so if you are authenticated against a page we can query for the engagements field (/me?fields=engagement) (essentially the details about like counts for the page). However, this query obviously fails if you navigate to this resource with a user access token, because there is no "engagement" field on User.
Is there some way I can query the "/me" api resource and know if it's a user or a page without parsing the error message?
I'm trying to retrieve a photo of a user different from the logged one, here what I did:
I have 2 different users that granted "user_photos" permission to my app
I'm able to retrieve the photos uploaded by USER_1 through the API
https://graph.facebook.com/v2.5/me/photos/uploaded?access_token=USER_1_TOKEN
Let's suppose I'm interested in the photo with id PHOTO_ID_123 (privacy public) and I want USER_2 to be able to view that photo. I should call the following API:
https://graph.facebook.com/v2.5/PHOTO_ID_123?access_token=USER_2_TOKEN
(note the different token user in the latter call)
The issue is that now I'm getting the following error from FB:
{
"error": {
"message": "Unsupported get request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"fbtrace_id": "GmYciGz/Mpd"
}
}
These two users are mutual friends on facebook, but since the photo is public I expect to be accessible even in case the two users are not mutual friends.
Of course the following API call
https://graph.facebook.com/v2.5/PHOTO_ID_123?access_token=USER_1_TOKEN
is working as expected (it does return photo related data). If USER_2 try to access PHOTO_ID_123 from browser (inside facebook website), he can see the photo.
What am I missing? Is this even possible? To me it seems possible from fb doc: https://developers.facebook.com/docs/graph-api/reference/photo/
Permissions
Any valid access token can read photos on a public Page. A page access
token can read all photos posted to or posted by that Page. A user
access token can read any photo your application created on behalf of
that user. A user's photos can be read if the owner has granted the
user_photos or user_posts permission. A user access token may read a
photo that user is tagged in if they have granted the user_photos or
user_posts permission. However, in some cases the photo's owner's
privacy settings may not allow your application to access it.
Thanks
If i authorize an App with user_photos, i would not want any other App User to be able to see my photos - at least not without my permission per photo. So it does make sense not to be able to access photos of one user with the Token of another.
You could let the User select some photos and store it on your server if you want that to happen. Just because something is public on facebook.com does not mean you can grab it with the API, that would make a lot of permissions pointless.
I am using Facebook Ad Api to create ads. How ever when i grant a user Administrator Role (1001) with the following api call:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users?role=1001&uid=xxxxx
it successfully creates the user, and when i get all the users using the following request:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users
it successfully returns the array as:
"{"data":[{"name":"firstname lastname","permissions":[1,2,3,4,5,7],"role":1001,"id":"101xxxxxxxxxx352"}}"
but when i try to create an Ad campaign or Adset with the newly added user the following exception is thrown:
[FacebookAds\Http\Exception\AuthorizationException]
(#272) This Ads API call requires the user to be admin of the application. User 16xxxxx351 not admin or developer for application 109xxxxxxxx0403.
And when i go to my app and assign the user with an Administrator or Developer Role, I can make requests successfully.
Why is facebook not allowing a user created with administrator role from the api not make api calls to its Ad Api ? And why does it allow when the user is granted Administrator/Developer role make requests ?
This is because the objects you can promote are not based upon an adaccount but are based upon your user.
You can see the connection objects a user has access to by make the following request:
<API_VERSION>/act_<AD_ACCOUNT_ID>/connectionobjects?access_token=<ACCESS_TOKEN>
The documentation states:
this call returns the IDs of all objects for which the current session
user is an administrator, and the IDs of apps for which the user is
listed as a developer or advertiser.
If you don't want to make additional administrators for your app, you can create system user in Facebook Business Manager, grant him administrator (or even advertiser) rights for Ad Account.
https://developers.facebook.com/docs/marketing-api/business-manager-api
And use his token to manage ads. In my case I used it to retrieve targeting of ads, to find where leads came to lead form from.
https://www.facebook.com/marketingdevelopers/videos/vb.606699326111137/883648801749520/
I'm just starting to create a in-facebook app. I'm bugging at the first step, when a user access my app for the first time. Basically, I want a welcome page to explain what is that app before requesting an access to information. A cute image with cats, whatever, but not sending directly the user to the login to my app dialog.
So, user didn't sign in to my app, I only have the "app access token" to work with the graph. According to this official Facebook dev page (at the end), I'm supposed to have some basic information access.
Question is : how ? What are the calls that I can make to the graph with an app access token ?
/me is a no go, it requires a user access token.
/$user_id is public information, with or without a token, I can retrieve basic info. But I don't have any user_id to use through the $signedRequest (which gives only country,locale & age)
How am I to get (quote):
- Basic Profile Info of a User (ID, Name, Username, Gender)
- A User’s Friends and their IDs
- Permissions granted by the User to your App
You shouldn't be using your application token for anything other than administration of your app.
It's not possible to get data before a user actually grants it.
The paragraph you mentioned is within the limits of your application
While an App Access Token is largely for the purposes of publishing
information back to Facebook on behalf of the user, there is a limited
set of information that can be retrieved from Facebook using an App
Access Token.
Basic Profile Info of a User (ID, Name, Username, Gender)
A User’s Friends and their IDs
Permissions granted by the User to your App
Say I know User001 added my app, and I want to check on some items for administration. I don't have User001's access token (or rather I shouldn't be manually using it) So instead I supply the application access token to get data that would normally return
Notice I can supply an app token allowing me to see friends (of the user who added the app) but if I choose an object not mentioned in those bullet points...
Basic Profile Info of a User (ID, Name, Username, Gender):
Yes. https://graph.facebook.com/USER_ID?fields=id,name,%20username,%20gender&access_token=APP_ACCESS_TOKEN
A User’s Friends and their IDs
If you request https://graph.facebook.com/USER_ID/friends?access_token=APP_ACCESS_TOKEN, you would get:
{ "error": {
"message": "Can't lookup all friends of 100001234567. Can only lookup for the logged in user or the logged in user's friends that are
users of your app.",
"type": "NoIndexFunctionException",
"code": 604 } }
The answer for legal solution is, NO, you must use user access token.
Similar disscussion here Get the Friends of my friend using the Graph API
Permissions granted by the User to your App
Yes. https://graph.facebook.com/USER_ID/permissions?access_token=APP_ACCESS_TOKEN
I really surprise when use http://www.friend.ly site. I'm login Facebook and after go to http://www.friend.ly. I'm surprise because I don't confirm extended permission but this site can get email, address... Any ideas?
My Information
Information get from friend.ly site
They are using the Facebook Registration Plugin which basically renders an iframe from Facebook's server. Due to cross-domain browser restrictions, they can't actually access any of that data until you submit the form by clicking the register button.
If you read the section on the Graph API documentation about authorization you'll see that if they're using an OAuth 2.0 access token then they can retrieve any information that you have publicly available without your authorization. You can see the examples below.
The Graph API as such allows you to easily access all public information about an object. For example, https://graph.facebook.com/btaylor (Bret Taylor) returns all the public information about Bret. For example a user's first name, last name and profile picture are publicly available.
To get additional information about a user, you must first get their permission. At a high level, you need to get an access token for the Facebook user. After you obtain the access token for the user, you can perform authorized requests on behalf of that user by including the access token in your Graph API requests:
https://graph.facebook.com/220439?access_token=...
For example https://graph.facebook.com/btaylor?access_token=... (Bret Taylor) returns additional information about Bret Taylor.
The Graph API uses OAuth 2.0 for authorization. Please read the authentication guide which provides details of Facebook's OAuth 2.0 implementation, how to request permissions from a user and obtain an access token.
Getting an access token for a user with no extended permissions allows you to access the information that the user has made available to everyone on Facebook. If you need specific information about a user, like their email address or work history, you must ask for the specific extended permissions. The reference documentation for each Graph API object contains details about the permissions you need to access each connection and property on that object.
This quote is from the facebook documentation located here:
https://developers.facebook.com/docs/reference/api/