I don't know if I'm missing something, but I have created a test user for my app that uses Facebook login and I cannot edit any of the profile information. Our app pulls in work and education history so I want to add these to the test user to fully test the integration.
Here is an example of what I'm seeing:
I hit similar things on other areas. When I click on "Add a college" it just does nothing.
There seem to be a lot of errors happening including a 500 when I click on "Add a college".
So my questions are:
Is all of this just not really supported for test users? That would be odd to me
Is all of this some sort of terrible Facebook bug that I should be reporting to them? Hard to believe.
Am I doing something odd?
Is there any other reasonable way to test work/education history?
I need to submit my app for review including a screen cast of the functionality, so I'd obviously like to use a test user instead of my own account with all of my info. Thanks in advance for the help.
Currently test users can only have a name, password, and friends. You can see this in the Facebook API for test user:
https://developers.facebook.com/docs/graph-api/reference/v2.12/test-user
Vs. an actual user:
https://developers.facebook.com/docs/graph-api/reference/user/
I'm not sure of a way to test this without logging in as yourself and getting friends to try it. You should definitely beta test it before submitting it for review though.
Related
What is the correct way to start using Instagram oEmbed feature? Documentation (https://developers.facebook.com/docs/instagram/oembed/) claims that I have to pass App Review to start using the feature. And application form says Please provide a URL where we can test Oembed Read. Which I don't have because I have no access to the feature.
What I have tried with no success:
I requested instagram_oembed resource with:
app token of application in live mode
app token of application in
development mode
passed URL to a post by official Instagram account
(e.g. https://www.instagram.com/p/CQG4gZxMzzO/)
passed URL to a post
of a user who is Admin of the app
In all cases I receive (#10) To use 'Oembed Read', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Oembed Read' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.
Example of the request I do https://graph.facebook.com/v11.0/instagram_oembed?url=https%3A%2F%2Fwww.instagram.com%2Fp%2FCQG4gZxMzzO%2F&access_token=appAccessToken
We're also suffering from this issue, but so far, we thought we already figured out how to do that.
Big picture
Facebook had not sorted this thing out correctly. Or at least, we don't know why they put such a restriction to this API.
The official document is not correct. (or at least not accurate for now, for some part)
Which part was not correct?
The access token part is not right. Or at least, it's the most confusion part.
How can we resolve this?
Use the Graph API Explorer
Adjust your token(App token, Client access token, user token) with the official URLs(see below) to see if you can get the result
most of us should be able to get the result with user access token, which means you have to access this API after login!
Integrate into your app for review
The review page is also confusing:
Please provide a URL where we can test Oembed Read. Include the URL of a page, post or video from our official Facebook or Instagram pages, or the pages themselves., it means you can only use links like https://www.facebook.com/instagram or https://www.facebook.com/facebook
With that in mind, so far, the only way to get approved is integrate your oembed usage into your normal UI with facebook user access token ready
Question to the big picture
So, we have to ask user to login with our facebook app, then we can provide this oembed read API returned embed HTML? I'm afraid that's what we have now.
big companies might be able to apply for App Token, I guess in that scenario, facebook login is not necessary
for small companies, indie developers, hmmm, I don't know any better solutions so far.
I have run into this too. I do not have an answer at this time, I just want to report on the frustrations of their 'app review' process. Which makes it feel like you are unlikely to get it to work any time soon.
We have a custom embed code for our weblog authors to use (a shortcode kind of thing) which does the oEmbed call. We just take the HTML from the resulting JSON, and insert it into the weblog article page, and that is it. It stopped working, presenting this same error - in live mode, and in development mode.
The kicker is, I then tried submitting it for app review. Filled out everything I could to the best of my knowledge. Provided them a test account and post on our weblog to show the shortcode editing and expected placement. We got rejected. Why? Your embedding resulted in an error, we can't see it in action to approve you.
Yes. The error I am getting is that I need my 'app' to be reviewed and approved.
This is an infuriating process. This is the only Facebook / Instagram API feature we use at this point. No user data. No attempt to make an Instagram clone app or anything like that. Just an embed.
And they are making this simple use case as impossible to use as they can. And the documentation also feels like an infinite loop. They say users of the old Instagram embed call have until September 7 2021 to get approved. But the call does not work at all because we are not approved. So we cannot get approved.
Same loop here. I've managed to report it to Facebook team and get answer "Just submit your Instagram post URL"! I can't believe it, its can't be so simple. I've confirmed it few times with Facebook team person and.... get rejected!
Also, second form in App Review process will LOWERCASE all of your links and I've spent few days just to explain it to reviewers and support person. Still rejected after submitting proper url. This is insane.
My another attempt was about to build a test page where I can auth via Facebook account, parse connected Instagram accounts and GET embed endpoint with user access key in hope that reviewer HAS access to oembed feature - REJECTED. I can't even find what permission I need to add to auth URL to obtain oembed thing.
Will update my answer with new information later.
UPDATE: After reporting about the issue with lowercase URL in submission form they just APPROVED my app without APP REVIEW. Well... Facebook style...
I had exactly the same problem recently. Updated the packages with compose, changed the API version from 10 to 11... without any change.
The error was also occurring in development mode, it didn't make sense that Facebook was asking to approve in dev mode.
For me, the problem came from the management of scopes in my application, depending on the version of the Facebook API used.
My advice: check the scopes defined with API version in your code first.
I had the same issue and the solution is very simple. The only thing you need to do is copy paste an instagram url in the input field saying: Please provide a URL where we can test Oembed Read.
I did the this link: https://www.instagram.com/p/G/
Which is actually the first instagram post :) Got approved. Hope this helps everybody!
I'm developing a webapp which allows users to log in with their Google accounts, using OAuth2.0.
I've created an OAuth2.0 client ID, configured the OAuth consent screen with the Publishing status set to 'Testing', and added a test user.
The frontend of my app is built with React, and I'm using a package (react-google-login) to handle the flow. I can successfully sign in with the Google account I added as a test user, and retrieve the basic profile information needed.
The problem is I can also sign in with other Google accounts, which have not been added to the list of test users. I imagine that Google should simply not issue access tokens for accounts which are not in the list of test users.
I feel like I've misunderstood something about the OAuth process, or I have configured something incorrectly. I would appreciate if anyone had any pointers?
Thanks.
It is indeed bugged.
I was in the same spot as you, assuming I had misunderstood something. After reviewing my code over and over with no luck, I made a Stack Overflow post, in which I was advised to post to Google's bug tracking system. After doing some troubleshooting with Google they confirmed the bug, and they are now working to fix it (for a little while already).
I included this thread as an example when talking to Google. I meant to post an update here after getting in touch with them, but I forgot, sorry!
The buganizer thread with more details:
https://issuetracker.google.com/issues/211370835
Is it possible you're only asking for the email scope?
It appears the test user filter and possibly the whole concept of the 'app' being in test mode exists only inside the consent screen feature.
For some reason, Google doesn't show the consent screen if you only ask for email.
So... maybe that means you don't need a consent screen, and therefore don't need to care what that feature thinks about your app (that your app is in test mode and needs to be verified before going into production).
Or maybe it's a bug? Or maybe just because you can do this doesn't mean it's allowed by Google's terms. Maybe they just haven't implemented preventing that use case.
Anyway, it may help you to know that if you add a more significant scope like the Calendar API then the following things will change:
Non-test users will get a message like "The developer hasn’t given you access to this app." and won't be able to complete oauth
Test users will get a message like "Google hasn't verified this app"
Test users will see a consent screen
Basically, everything starts working as expected.
By the way, just putting "email" or "profile" for scope seems to be an old way of doing things, and all the newer scopes want you to use a full URL for the scope (despite google themselves not using the full URL when you're configuring your scopes).
For example, if you want the email and calendar scopes, you can put this value for your scope field:
email https://www.googleapis.com/auth/calendar
Or you can use this equivalent value:
https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/calendar
Not suggesting you add a scope like email for the sake of it, just that it sheds light on what's happening, and if there's a scope like that that you need anyway, adding it will solve your problem.
I am working on a local application that needs to retrieve data from user's Facebook profile. As long as I can see, by default I can only get name, picture and age range, but I need many others information like education, location, likes and so on. I tried to submit approval for these items, but Facebook won't set my submission because I don't have a Privacy Policy URL added. I don't know what Privacy Policy URL to add because I'm working on localhost.
Please help me figure it out and excuse me if my question is wrong, it's the first time when I work with fb api. Also, if there is another way to retrieve this items, I would be more than happy to hear about it.
Have a look at
https://developers.facebook.com/docs/apps/review/login#do-you-need-review
It's saying that
in order to help you craft your Facebook Login experience, your app's developers will be able to see, and grant, any permission without requiring review by Facebook.
and
Also, if you're the developer of an app and are the only person using it, then your app doesn't need to go through review. Since you're the developer, all app capabilities should be available. You will still need to take your app out of developer mode, but you should be able to do that without going through review.
So, to be able to develop your app and request extended permissions, you don't need to pass your app to review, as long as you test with an app admin/developer/tester.
i have read all the answers ( i could find on the matter), and they say, if you are a developer, tester or admin of the application, you should be able to test the app without any problem. I have tried as a admin of the app, developer, tester etc (all the roles given in the developer dashboard) no luck, next i have tried with the test users, still no luck, when i ask the user for the permission (publish_stream), the popup always says
Submit for Login Review Some of the permissions below have not been
approved for use by Facebook.
I have setup the "privacy policy link", i have uploaded the application icon, entered the application description, still no luck. in the mean time, the other two permissions i ask (user_photos and email) work with no problem.
I can't get what i am doing wrong. has anyone had problems like this?how did he manage to solve them? any help will be much appreciated.
P.S the only thing i haven't tried is to submit the freaking app for review, but the app is far from done, so i think, the review will be rejected
You really don´t need to go through the review process for testing, unapproved permissions work for every Admin, Developer or Tester of the App. publish_stream is deprecated though, what you probably want is publish_actions.
If it still does not work with an Admin/Dev/Tester and the publish_actions permission, i´d suspect a bug. In that case you could report it: https://developers.facebook.com/bugs/
I am working on an app that uses facebook's check in feature from mobile phones. I have created multiple versions of the app on facebook so that i can keep production, test and development separated. All good. However, all my checkins whether test or dev or prod are going to the live facebook platform leading to check ins like "this is a test" or "blah blah" on live facebook pages. Is there a way to be able to check in but not on these real/live pages? In other words, is there a sandbox or development version where developers can freely update content?
Thanks you guys!
Best,
Sachin
So, as with many other things in life, banging my head against the problem helped a bit. I found out that I can create test users for my app - upto 500 of them. The documentation is at http://developers.facebook.com/docs/test_users/. I was able to create test users for my app, login to facebook with those test users and verify that my actions did not show up on public pages. Phew, now i need to deface these public property no more. :-) When doing this, you need to use the app access token not the regular user accesss token. To get that, follow this link: https://developers.facebook.com/docs/authentication/applications/. The last gotcha I faced was that the second link above states that you should have a parameter named grant_type=client_credentials in your graph request. I kept looking for types of client credentials that i could substitute what i thought was a place holder named "client_credentials". That term needs to go in verbatim. (GOTCHA). Also, twice when I tried to create a user, facebook responded with an error json saying that an "unknown error has occured". I was almost ready to give up... but like i said before, banging head against the problem helps. Facebook responded with a json like so after the third request:
{
"id":"*******1832",
"access_token":"*****",
"login_url":"https://www.facebook.com/platform/test_account_login.php?user_id=*****&n=*****",
"email":"****",
"password":"*****"
}
Hope this helps someone else who might also be looking for this info.