On the site i have a several groups - https://drive.google.com/open?id=0B3rVBfRM-EoccDYzQ2phMjZOZ1k&authuser=0 .
But facebook api return me empty response:
https://graph.facebook.com/v2.3/me/groups?access_token=...
{
"data": [
]
}
Why?
You need to have the user_groups permission in order to see a list of groups you are in. Facebook will probably not allow you to use that permission in a production app.
From https://developers.facebook.com/docs/facebook-login/permissions/v2.3
Limited Use
This permission is granted to apps building a Facebook-branded client on platforms where Facebook is not already available. For example, Android and iOS apps will not be approved for this permission. In addition, Web, Desktop, in-car and TV apps will not be granted this permission.
Related
I am working on Instagram API integration to our service. As of 3.6.2019, I have tried to get media for a particular Instagram user account. I have tried to understand the documentation, and this is what I have working so far:
I have an Instagram business account
I did attach my Instagram account to my business page by logging in
I have obtained a page and a user access token via Graph API Explorer. User token has the following permissions:
email
instagram_basic
manage_pages
pages_show_list
pages_messaging
public_profile
I am able to get information about the associated Instagram account like profile_pic and username.
What perplexes me about this is that when I read the documentation, user info retrieval seems to work alright:
However, if I changed the URL to match the media retrieval URL and keeping the same user ID, I get the following error
even through the documentation says:
To get all media objects on an Instagram Business User, send a GET request to the User's /media edge.
And the sample request URL provided:
GET graph.facebook.com/17841405822304914/media
Source: https://developers.facebook.com/docs/instagram-api/reference/user/media/
What am I doing wrong? The URL seems to follow the documentation description. I did use the user access token for the media request. The access token contains permission for instagram_basic, as needed based on the documentation:
Permissions
An access token from the Instagram Business User, with the following
permissions:
instagram_basic
I am using API version 3.2.
Do you really use the right instagram id? Try calling this API with the ID you used:
https://graph.facebook.com/v5.0/[ENTER_ID]?fields=instagram_business_account{id, username,profile_picture_url}&access_token={}
I you get a result like this:
{
"instagram_business_account": {
"id": "XXXXXXX",
"username": "XXXX",
"profile_picture_url": "https://scontent.xx.fbcdn.net/v/t51.2885-15/44644278_733652060347074_11957"
},
"id": "XXXXXXX"
}
You know, that you used the wrong ID :D
Go ahead and call the /media endpoint with the ID nested under instagram_business_account
I'm building an AspNet Core 2.1 website using Azure AD B2C authentication, based on the example code I found here.
I can authenticate against the Google identity provider. But instead of showing a custom page based on the attributes I selected for the signup/signin policy in the Azure AD B2C portal, all I get is the normal Google authentication page asking me which Google account I want to authenticate against.
I was able to display a custom page listing all the attributes I'd defined in an earlier version of my project, which used the deprecated microsoftonline.com domain. But now that I'm using the recommended b2clogin.com domain the page is no longer appearing. I don't know if that change has anything to do with the missing page, but I thought I'd mention it.
My appsettings.json file is:
{
"AzureADB2C": {
"ApiScopes": "https://ridemonitor.onmicrosoft.com/api/user.read",
"ApiUrl": "https://ridemonitor.azurewebsites.net/hello",
"CallbackPath": "/signin-oidc",
"ClientId": "**redacted**",
"Domain": "ridemonitor.onmicrosoft.com",
"EditProfilePolicyId": "b2c_1_ProfileEditing",
"Instance": "https://ridemonitor.b2clogin.com/tfp",
"RedirectUri": "https://localhost:44305/signin-oidc",
"ResetPasswordPolicyId": "b2c_1_PWReset",
"SignUpSignInPolicyId": "b2c_1_SignUpIn"
},
"Logging": {
"LogLevel": {
"Default": "Warning"
}
},
"AllowedHosts": "*"
}
Update
I've configured two identity providers for my app, Google and Microsoft Account. The Microsoft Account provider does, in fact, display a customized page listing all the attributes I set in the Azure AD B2C portal when I authenticate it. It's just the Google route which has stopped displaying the custom attribute page.
The redirect uri in Google Cloud Platform -> Credentials is:
https://ridemonitor.b2clogin.com/ridemonitor.onmicrosoft.com/oauth2/authresp
which is the url I should be sent to, and used to be sent to by the Google identity provider, and is the url the Microsoft Account identity provider sends me to when I try to log in.
It looks like I need to update something in my Google configuration, but I'm not sure what.
Update #2
Using the Chrome developer's console, and Link Redirect Trace, I tried to see how I ended up on the pages I ended up on after clicking both the Google and Microsoft Account signin/signup links.
The Google button lands me on the generic Google login page. The initial redirect (there are several subsequent ones) appears to be:
https://accounts.google.com/signin/oauth?client_id=769952297467-qhqd9brt7pl4sra1hnjhnnqchce2h6f1.apps.googleusercontent.com&as=c-8m6tr-h2tUDpRHqIApkQ&destination=https://ridemonitor.b2clogin.com&approval_state=!ChR4aFltdld5TGNwWUEyUlA1R0R6TRIfczBDdExlN01TRElYa013TWpqbVNUV1h5alREUVloWQ%E2%88%99ANKMe1QAAAAAW7K6uQbexonsHodkbBOebSymUYB1yufO&oauthgdpr=1&xsrfsig=AHgIfE8msp705-PG2II5uHWqjoODqYSLPg
The initial redirect for the Microsoft Account button is:
https://login.live.com/oauth20_authorize.srf?client_id=704398a8-908a-4512-9cc0-4453014b4714&redirect_uri=https%3a%2f%2fridemonitor.b2clogin.com%2fridemonitor.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=TQsICDEyv245x1E4pkQynQ%3d%3d&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6ZjBlYmQ4OTUtNmVjYS00NzBhLWE4ZDYtY2U4NTgyYzFmZmNjIiwiVElEIjoiNzIwZDg5NDEtNmM2Zi00YzIzLWI5MWEtZDMyZjJjODA5Yjk4In0
Comparing the two initial redirects, what's interesting is that the one for Google does not contain a parameter for the redirect_uri. Which I presume is the place the browser should be sent after a successful authentication.
Yet my Google credentials page would appear to be set up correctly:
Or am I maybe not configuring stuff in the right part of the Google ecosystem? I thought I was following some Microsoft directions regarding Google credentials, but...
Do you get any error messages?
Try using your browser's dev tools to check any error logs and identify the CSS styling that took effect in your html elements. It's possible that your custom classes are being those overwritten by the Google default styling.
You can edit the CSS within your browser's dev tools and then update the CSS files in Azure Blob Storage when you are happy with them.
Refer also to this thread and this one to see if these issue might be similar to yours.
My application use facebook authentication to ask the user permissions to manage his ads. i use the following scope:'public_profile,ads_management,ads_management'
but in the login window it shows only public profile which will an invalid access token for the ads management.
have a look at this answer https://stackoverflow.com/a/25901780/5410373
the ads_management extended permission is only granted to whitelisted apps. So if the Graph endpoint you're hitting requires that permission then you'll have to get your app approved. Check out the getting started overview https://developers.facebook.com/docs/reference/ads-api/overview
and this answer : https://stackoverflow.com/a/24753070/5410373
All permissions except
public_profile
user_friends
email
require a review of your app by Facebook before you can use them publically. See https://developers.facebook.com/docs/apps/review/login#do-you-need-review
Using django-allauth with linkedin however can't get full profile details from profile of the user.
in the settings file
SOCIALACCOUNT_PROVIDERS = {
'stackexchange': { 'SITE': 'stackoverflow' },
'linkedin':{'SCOPE': ['r_basicprofile', 'r_emailaddress']}
}
and on the account I check extra_data and get
{u'firstName': u'Samuel', u'lastName': u'Muiruri', u'pictureUrls': {u'_total': 1, u'values': [u'https://media.licdn.com/mpr/mprx/0_C1AR7HY-6mvzKOYWkCPzody-62WvzgOW5_7nWd8yaZHnlyuFFiKcIigGyxn']}, u'pictureUrl': u'https://media.licdn.com/mpr/mprx/0_dCvykIHSymsQZ-MUdbc_kWwSpuuw4-4UI5TikeHriWZsFnfR5k5KoHyO-G2vUzJBHTBCwfVnu3gN', u'emailAddress': u'muiruri.samuel#gmail.com', u'publicProfileUrl': u'https://www.linkedin.com/in/samuel-muiruri-a5235532', u'id': u'_xLBtzYkuK'}
on linkedin dev oauth page I've selected email and r_basicprofile
UPDATE
The available options for linked in oauth 2
and given rights when login in via linkedin
If on the linkedin page you’ve only given your app access to r_basicprofile you can’t get r_fullprofile. To give your app access to the full profile, give it access to r_fullprofile on the linked in oauth page.
From the LinkedIn docs
All REST API calls require certain permissions to be granted from the LinkedIn member before they can be made. This system ensures that members are made aware of what an application could possibly access or do on their behalf before approving it.
The permissions that members are asked to grant are determined based on the permissions you tell your application to ask for during the OAuth 2.0 authentication process. They can be specified within the LinkedIn application configuration itself, or they can be explicitly requested using the scope argument during the authorization step of the OAuth 2.0 process.
I have a facebook application, not yet submitted to FB for permission review.
The app is intended to allow user to post and reply to other people's post as their own administrated page.
Upon authorization, the application would request the following permission
Publish action
Publish Pages
Manage Pages
I used my own account, with tester role in the app, to granted all requested permission and verified the result in permission is indeed there in my app settings for the application. I have also verified that my account is an administrator of the page I intend to reply as.
It all seems ok until I tried to post a reply to the API using the page token
https://graph.facebook.com/postid/comments
I receive an error:
{
"error": {
"message": "(#200) You do not have sufficient permissions to perform this action",
"type": "OAuthException",
"code": 200
}
}
I can't think of any reason why the permission is missing. I understand that the three permissions need to be approved by Facebook eventually, but to get approval, I'd need to get my app up running for testing first. Is there anything I'm missing here?