I have some C# code that retrieves an access token using Facebook.JsonObject and can post to my profile wall on facebook with no problems.
However, if I try to use that same access token to retrieve details of my facebook business pages so I can post to them, then I get the message "user access token is required to request this resource".
I thought the access token I had retrieved that allowed me to post to my profile was a user access token. What is the difference, and how do I get a user access token?
This is the code I am using to get the access token:
facebook.JsonObject AuthResult = (Facebook.JsonObject)Oauth.GetApplicationAccessToken(parameters);
object Access_Token = "";
AuthResult.TryGetValue("access_token", out Access_Token);
FacebookClient FBClient = new FacebookClient(Access_Token.ToString());
More information:
I need my customer's c# application to post directly to my customer's facebook business page via code without the application "allow access" box popping up and any redirects to applicatoins taking place. Therefore I need to get the User Access Token programatically without facebook being logged in or open etc.
Any (non-sarcastic) help very gratefully received.
Thanks
I thought the access token I had retrieved that allowed me to post to my profile was a user access token.
Does that method name,
(Facebook.JsonObject)Oauth.GetApplicationAccessToken(parameters);
===========
really sound to you as if it was supposed to give back a user access token? Sorry, but to me it doesn’t …
If you are not familiar with the different types of authentication and access tokens, please read this first: https://developers.facebook.com/docs/authentication/
Related
I am using PHP for accessing Facebook friends location. I want to access location of all friends. I read that it requires "access tokens" to get client's public information from here
https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
and here
https://www.sammyk.me/access-token-handling-best-practices-in-facebook-php-sdk-v4
Is that token will be provided by Facebook at that instant of time or my app needs to wait till friend's approval.
I saw this post on stack overflow: How to get user access token?
But i still i can't figure out what if friend is offline. How that token will be passed to my application?
Or is it like that "Tokens are generated by Facebook at time when my application made the request but i can only access the user information later using the same token if he has given permission (when he gets logged in)".?
I am unable to find any explanation regarding this.
Thanks.
You can´t get the location of friends at all. Friend permissions have been removed for privacy reasons, you can only get data of users who authorized your App too. Check out the changelog for more information: https://developers.facebook.com/docs/apps/changelog
That being said, there are different Access Tokens. You can get an App Token without authorization, but you need to implement an authorization process for User or Page Tokens.
More information:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
I don't understand something important about permissions and how to grant them. I've made a Facebook page, and I've made an app. I would like the app to be able to post to the page.
Below is my code. I'm using the fb_graph ruby gem, btw (https://github.com/nov/fb_graph)
app = FbGraph::Application.new('531508086900000000', :secret => 'd705fda7275125913a10000000000')
token = app.get_access_token
page = FbGraph::Page.new('000000000000000')
note = page.note!( :access_token => token, :subject => 'testing', :message => 'Hey, testing you!')
And this is the error:
FbGraph::Unauthorized: OAuthException :: (#200) Requires extended permission: publish_actions
I've looked everywhere I can think of on both the app and the page settings but can't figure out how to do this. Help appreciated!
You need to grant access via a user access token.
The current token in your case is an application access token.
Use one of the methods listed at https://developers.facebook.com/docs/facebook-login/permissions/v2.1#adding
Specifically https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.1#login
I voted up phwd's answer for the help s/he was to me here and in IRC. But it still wasn't really enough information to make sense of why this is so hard. I've decided to post my current working understanding of how this works. These are just my own notes, so I'm sorry in advance for anything unintelligible.
So, getting the right access tokens is f***ing hard, and here's my current understanding:
In order to get a token that last forever so that my app can post to a page I have to do this:
1. Create a short-lived user access token with the right scope for the app (manage_pages, publish_actions) using the explorer
- page access tokens can be obtained via /me/accounts from the explorer page
- if the user access token that is "live" during the /me/accounts request is short lived then this page access token will be too
- if it is an extended long-lived token the page access token will have no expiry according to https://developers.facebook.com/docs/facebook-login/access-tokens
2. Extend short-lived user access token to a long-lived one via a graph api call, also using exploer (see below)
3. Execute the /me/accounts call to get a page token that doesn't expire
How to get a long lived user access token
oauth/access_token?grant_type=fb_exchange_token&client_id=531------------&client_secret=e005f031ba3d98------------------&fb_exchange_token=CAAHjZA163IbMBAMKSeFTmeV9------------------------------------------------------------------------------------------------------------------------------------------------fonA4P4bPhhdveMLvZBKldEGCB7EvF301wQv1YPrudy5kvI
where
client_id = App Id
&client_secret = App Secret
&fb_exchange_token = short lived user access token via explorer with proper scope
This gives you the following long lived access token
access_token=CAAHjZA163Ib---------------------------------------------------------------------------------------------------------------------------------------------------------------------ehS8g2ZBYU8uZBPmdMay3AAj5tXgAZDZD&expires=5179843
This is an extended user access_token
This token can be used to post to the page it was genrated for.
It can also be used to get a no-expiry page access token when used to issue /me/accounts
from facebook :
Page Access Token
These access tokens are similar to user access tokens, except that they provide permission to APIs that read, write or modify the data belonging to a Facebook Page. To obtain a page access token you need to start by obtaining a user access token and asking for the manage_pages permission. Once you have the user access token you then get the page access token via the Graph API.
Having problems gaining access to a users photo's from my Facebook app.
I request the apps token at runtime using: (replacing the values in [] brackets with actual values.
https://graph.facebook.com/oauth/access_token?client_id=[clientid]&client_secret=[clientsecret]&grant_type=client_credentials
I then try to access a users photo using that access token, ie:
https://graph.facebook.com/fql?q=SELECT pid, src_big, src_small FROM photo WHERE pid IN('4313357036026642248','4313357036026642249','4313357036026642250','4313357036026642251','4313357036026642252','4313357036026642253','4313357036026642254')
The user has authenticated themselves with my app and accepted the USER_PHOTO permissions.
However I get 0 results back. I do get results back when I use that users access token rather than the app token.
I have proven this issue on the graph explorer:
https://developers.facebook.com/tools/explorer?method=GET&path=1004281695
Anyone got any ideas why an app that has been granted access to a user photos cannot get those photos using the app access token ?
Thanks in advance, Rhys
Because with very few exceptions, you can only access a user's data using a valid access token for that user (or one of their friends, depending on the privacy of the object in question).
In this case, use the user's access token, the app access token is for acting on behalf of the app and shouldn't really be used for user-specific calls, as it won't be able to see non-public information except with very limited circumstances
On this page:
http://developers.facebook.com/docs/opengraph/using-app-tokens/
It describes how to get the app access token, yet the token it returns is different than the one in the open Graph "Get Code" example. The latter is the only one that works. How can I get the second access token using the API? When I try to use the first example, I basically get something back that looks like "application ID|secret key" which is different than the real access token.
as documentation states, you will get
access_token=YOUR_APP_ACCESS_TOKEN
string back from the API call. Even though it LOOKS like "application ID|secret key HASH" - it is a valid access token you can use to publish to user's wall. You can verify it's a proper access token using Debug toll from FB: https://developers.facebook.com/tools/debug - just paste the token there.
The reason it might not work for you is because you are trying to publish something to the user's wall who did not authorize your app. Look here: https://developers.facebook.com/docs/reference/javascript/ - for example of how to use your app ID to make user authorize the app. You need to request publish_stream permission for your app from user in order to be able to publish as the app to the user's wall.
And going back to the documentation:
Note that the app access token is for publishing purposes permitted by
the publish_actions and publish_stream permissions. You will be unable
to retrieve information about the status update post with the given ID
using the app access token. Instead, you should use a user access
token for such purposes.
hope that helps.
My offline Facebook application is trying to retrieve the accounts associated with a specific user id who has previously authorized the application:
https://graph.facebook.com/(userid)/accounts?access_token=(token)
Even though I am passing a valid access token, Facebook returns:
OAuthException: An access token is required to request this resource.
I verified that my access token is correct by querying the likes connection with the same userid and access token:
https://graph.facebook.com/(userid)/likes?access_token=(token)
For this second statement, Facebook returns the expected result.
My application has manage_pages and offline_access permissions. The access token I am using is the access token Facebook returned when the user authorized the application. I don't understand why it works for the likes connection but not for the accounts connection.
Facebook provides different access tokens, some are shorter and some are longer. Without realizing the difference, I had used the shorter ones, created as type='client_cred'. These work fine for retrieving friends lists, lists of fan pages, publishing to stream etc. but apparently they do not work for getting accounts information.
Here is an example of both types of access tokens. Apparently the first one lacks session information (which is the middle part of the second access token).
116122545078207|EyWJJYqrdgQgV1bfueck320z7MM.
116122545078207|2.1vGZASUSFMHeMVgQ_9P60Q__.3600.1272535200-500880518|EyWJJYqrdgQgV1bfueck320z7MM.
If your access token is wrong facebook returns this:
{
"error": {
"type": "OAuthException",
"message": "Error validating access token."
}
}
It seems that the token is not passed to the graph api. Depending on which SDK you use to pass the token, there are different errors that can occur. The PHP SDK for example ignores the token you pass and tries to get the token from the session cookie, which causes errors. Could you clarify how are you making the graph api calls?
I have verified that with a valid token you can get the accounts data. Have you tried pasting this into your browser https://graph.facebook.com/(userid)/accounts?access_token=(token)?