I am trying to get to grips with the Graph API. Is i,t correctly understood that if I want to ask for my own, say friends, through code, I should
register my application and get an app access token
Login with my own credentials and get an user access token?
I find it difficult to grasp the concepts from the documentation.
The flow should go like :
User adds the app and gives the permissions.
Which returns the access_token (user access token) which is used to query datas.
Generally speaking, You ask for permissions, and you get a key which can open the locked contents. That is the access_token.
Difference between App Access_token and User access_token :
App access_token is needed when you do something as the app. Like getting the insights for the app, or working with subscriptions, so and so.
User access_token is needed when you want to act as the user who have the app added in their account.
With reference to your question, You clearly doesnt need App access_token.
You need to do both.
Registering your application tells Facebook where those requests are coming from. They monitor what requests your app is making to police apps that violate your terms.
Once you have that app, you personally authenticate it to get information from or post information to Facebook on your behalf. The app must ask for specific permissions and you have to grant these for it to work.
Related
I have an application allowing users to sign in using their Facebook and Twitter accounts. I only need a very basic information like their email address and full name. Everything works fine and as planned.
Accounts.ui.config({
requestPermissions: {
facebook: ['email'],
github: ['user:email']
}
});
But, now I need to implement a feature posting to a Facebook page and Twitter on behalf of the admin users only. So, I need to get additional permissions from specific users only.
Admin users are eligible to manage our page at Facebook. The app needs to request additional permissions to be able to post to the page. I wan't to keep those basic permissions for regular users.
How can I accomplish that?
One way you can do is,
If you know that logged in user is Admin, put the re-authenticate button in user-dashboard (or somewhere which makes sense) that will do authentication user of user for whatever permissions as required by application.
This will basically do, oauth with social service like usual and upon completion you will get aceess code and against this code get the re-newed access token from social service. (This is normal , how you basically do the oauth manually) Now, use this access token to post to social services.
For this, you will need to use node modules such as for facebook -fb_graph , for twitter- twiiter
Hope this helps
Unfortunately I'm struggling to understand the documentation provided by Facebook.
This is the scenario:
- Some of my iPhone Apps are also registered as Native/Desktop Apps on Facebook in order to support the Facebook Audience Network.
- I'm building a tool in python which will retrieve data from the reporting API in order to run some automated analysis on specific metrics (request, impressions and so on).
The question is: how do I retrieve this data?
The documentation for the reporting API is here: Reporting API
However I'm struggling with the access token.
It says that I could use the specific App Token available here: App Tokens
However by using such token, I get an error saying that app tokens can't be used for Desktop/Native Ads.
What is the correct way to do it then? Here is where I struggle to understand Facebook Documentation.
My guess is that I should use a User Access Token instead, generated for a user that is also the admin of the App for which I want to retrieve the insights.
What really freaks me out is that apparently, this can't be done with normal HTTP calls only but it requires instead to go through the Facebook Login Dialog. I also need to create another Facebook (web) app because there is no way to get a simple "User Object"... Everything needs to start and go through a registered Facebook App. And there's no way to go through these steps by using backend code only.
So... to recap... in order to read the Insights for a Native/Desktop Facebook App (APP_A), I have to:
- Create a new Web Facebook App (APP_B)
- Create a web interface somewhere for APP_B) which will trigger the Facebook Login Dialog and request the read_insights permission.
- Login through this web interface and generate a User Access Token
- Put this User Access Token in my backend code and run the scripts that retrieve the data provided by the Reporting API for APP_B
Really... to me... it doesn't make any sense to create a new Facebook App in order to access the data of another Facebook App.
Isn't there another better, simpler, quicker, cleaner way to achieve the same final result?
i am trying to use /me/likes/pageID the same way i used pages.isFan (REST API).
But it always uses the user/page as me for which i created the access token and not the current active user.
can't get my head around this one, any help is appreciated!
thanks
[from comments] but do i really need to create an application to "just" check if the user is fan of my own page? and even ask his authorization?
Yes, you will need an app in any case.
If you run your app as a canvas or page tab app inside of Facebook, then you get the info if the current user liked the very Facebook fan page the app is running in(!) directly from the signed_request parameter.
If you want to query this infor for other pages, and/or your app is running outside of Facebook, then you have to have the user connect to your app and ask permission to read his likes first, before you can get this info.
For information on the latter case, see https://developers.facebook.com/docs/authentication/, https://developers.facebook.com/docs/authentication/permissions/#user_friends_perms, https://developers.facebook.com/docs/reference/api/user/#likes
It is easy: With the new Graph API, the owner of the access token is me. You can see this by pasting an access token into the debugger.
You should be authenticating your user and gaining an access token in their name each time they visit your site. Then use only this access token when you make your query.
This process is easiest if you use one of the Facebook SDKs.
I'm trying to use the facebook API on the backend of a website. Essentially, I want to be able to create events using a Djano app and have it create the corresponding facebook events.
The organization I am creating events for already have a facebook page. I only am concerned with posting events on that organization's page. I am the admin for the organization so I know all the login info.
What I am am trying to figure out is how I can setup the access token such thatit just works for the organization without any need to login to the facebook app. I was thinking that setting a static access token would do the trick, but I cannot find anyway to do it.
So, what is the standard way to create a facebook app that only interfaces with one predefined user?
Im not entirely sure what you're trying to do. However the static access token has now been deprecated. Do you want to: create an event for the person using the page, or for the company's page/profile?
Hope I can help
I created web application using Facebook C# SDK 5.3.2. I can post messages to my wall. But I want to collect access tokens for my friends' Facebook accounts and store them to use later to post messages to their wall.
Is it possible to get their access token with their Facebook account info. I can get access token for myself with "App ID" and "App Secret. Do I need also add application for my friends' Facebook to get this credentials.
You don't need to store access_token for any user, since it's something time based.
Instead ask for publish_stream permission and post messages to their wall using application access_token
From Facebook documentation on publish_stream permission:
Enables your app to post content, comments, and likes to a user's stream and to the streams of the user's friends. With this permission, you can publish content to a user's feed at any time, without requiring offline_access. However, please note that Facebook recommends a user-initiated sharing model.
the only way to get it done, is that your friends login into your application with their accounts and grant you the publish permission (if you want to publish when they are online) and the offline_access permission, to publish in any moment.
You have to think in the big security issue that this situation potentially represents.
Good luck.