In my facebook application, when the users first starts using it,the app request very basic permission. At a later stage, I need to request extended permission to allow the app to upload photos, I'm googling when falling only on the legacy part:
FB.Connect.showPermissionDialog("photo_upload",permissionHandler);
Does someone has any idea how to get permission for uploading photos using the new sdk??
There is no photo_upload permission. But, you can upload photos using the publish_stream permission instead. And you can see the user's photos using the user_photos permission.
To obtain extended permission from the user, there are two ways to ask the permission from the user. In either way, the finality is to get the permission from the user:
Opens a popup and ask the user the extended permission
FB.login(function(response) {
if (response.authResponse) {
// user is logged in and granted some permissions.
} else {
// User cancelled login or did not fully authorize.
}
}, {scope:'read_stream,publish_stream,offline_access'});
Open a new window and ask the user the permission
window.location="https://www.facebook.com/dialog/permissions.request?app_id=&next=https://apps.facebook.com//&type=user_agent&perms=user_photos,publish_stream,friends_photos&fbconnect=1";
You also need to know which permission you want from the user. Here is a list of permission that you can ask from a facebook user
Related
My application use facebook authentication to ask the user permissions to manage his ads. i use the following scope:'public_profile,ads_management,ads_management'
but in the login window it shows only public profile which will an invalid access token for the ads management.
have a look at this answer https://stackoverflow.com/a/25901780/5410373
the ads_management extended permission is only granted to whitelisted apps. So if the Graph endpoint you're hitting requires that permission then you'll have to get your app approved. Check out the getting started overview https://developers.facebook.com/docs/reference/ads-api/overview
and this answer : https://stackoverflow.com/a/24753070/5410373
All permissions except
public_profile
user_friends
email
require a review of your app by Facebook before you can use them publically. See https://developers.facebook.com/docs/apps/review/login#do-you-need-review
I'm trying to retrieve a photo of a user different from the logged one, here what I did:
I have 2 different users that granted "user_photos" permission to my app
I'm able to retrieve the photos uploaded by USER_1 through the API
https://graph.facebook.com/v2.5/me/photos/uploaded?access_token=USER_1_TOKEN
Let's suppose I'm interested in the photo with id PHOTO_ID_123 (privacy public) and I want USER_2 to be able to view that photo. I should call the following API:
https://graph.facebook.com/v2.5/PHOTO_ID_123?access_token=USER_2_TOKEN
(note the different token user in the latter call)
The issue is that now I'm getting the following error from FB:
{
"error": {
"message": "Unsupported get request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"fbtrace_id": "GmYciGz/Mpd"
}
}
These two users are mutual friends on facebook, but since the photo is public I expect to be accessible even in case the two users are not mutual friends.
Of course the following API call
https://graph.facebook.com/v2.5/PHOTO_ID_123?access_token=USER_1_TOKEN
is working as expected (it does return photo related data). If USER_2 try to access PHOTO_ID_123 from browser (inside facebook website), he can see the photo.
What am I missing? Is this even possible? To me it seems possible from fb doc: https://developers.facebook.com/docs/graph-api/reference/photo/
Permissions
Any valid access token can read photos on a public Page. A page access
token can read all photos posted to or posted by that Page. A user
access token can read any photo your application created on behalf of
that user. A user's photos can be read if the owner has granted the
user_photos or user_posts permission. A user access token may read a
photo that user is tagged in if they have granted the user_photos or
user_posts permission. However, in some cases the photo's owner's
privacy settings may not allow your application to access it.
Thanks
If i authorize an App with user_photos, i would not want any other App User to be able to see my photos - at least not without my permission per photo. So it does make sense not to be able to access photos of one user with the Token of another.
You could let the User select some photos and store it on your server if you want that to happen. Just because something is public on facebook.com does not mean you can grab it with the API, that would make a lot of permissions pointless.
I am using Facebook Ad Api to create ads. How ever when i grant a user Administrator Role (1001) with the following api call:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users?role=1001&uid=xxxxx
it successfully creates the user, and when i get all the users using the following request:
https://graph.facebook.com/v2.5/<AD_ACCOUNT_ID>/users
it successfully returns the array as:
"{"data":[{"name":"firstname lastname","permissions":[1,2,3,4,5,7],"role":1001,"id":"101xxxxxxxxxx352"}}"
but when i try to create an Ad campaign or Adset with the newly added user the following exception is thrown:
[FacebookAds\Http\Exception\AuthorizationException]
(#272) This Ads API call requires the user to be admin of the application. User 16xxxxx351 not admin or developer for application 109xxxxxxxx0403.
And when i go to my app and assign the user with an Administrator or Developer Role, I can make requests successfully.
Why is facebook not allowing a user created with administrator role from the api not make api calls to its Ad Api ? And why does it allow when the user is granted Administrator/Developer role make requests ?
This is because the objects you can promote are not based upon an adaccount but are based upon your user.
You can see the connection objects a user has access to by make the following request:
<API_VERSION>/act_<AD_ACCOUNT_ID>/connectionobjects?access_token=<ACCESS_TOKEN>
The documentation states:
this call returns the IDs of all objects for which the current session
user is an administrator, and the IDs of apps for which the user is
listed as a developer or advertiser.
If you don't want to make additional administrators for your app, you can create system user in Facebook Business Manager, grant him administrator (or even advertiser) rights for Ad Account.
https://developers.facebook.com/docs/marketing-api/business-manager-api
And use his token to manage ads. In my case I used it to retrieve targeting of ads, to find where leads came to lead form from.
https://www.facebook.com/marketingdevelopers/videos/vb.606699326111137/883648801749520/
I have a facebook application, not yet submitted to FB for permission review.
The app is intended to allow user to post and reply to other people's post as their own administrated page.
Upon authorization, the application would request the following permission
Publish action
Publish Pages
Manage Pages
I used my own account, with tester role in the app, to granted all requested permission and verified the result in permission is indeed there in my app settings for the application. I have also verified that my account is an administrator of the page I intend to reply as.
It all seems ok until I tried to post a reply to the API using the page token
https://graph.facebook.com/postid/comments
I receive an error:
{
"error": {
"message": "(#200) You do not have sufficient permissions to perform this action",
"type": "OAuthException",
"code": 200
}
}
I can't think of any reason why the permission is missing. I understand that the three permissions need to be approved by Facebook eventually, but to get approval, I'd need to get my app up running for testing first. Is there anything I'm missing here?
how to give publish_stream permission?If i trying to post on own wall,still it is saying that user is not authorised the application to do this action.I don't have any app.
There are a few ways to do it. Personally I would use the Javascript SDK.
Another way is to update your Facebook App settings (using Facebook Developer App) to require users to permit Extended Permissions 'publish_stream'.
Below is code using the Javascript SDK FB.api function:
FB.login(function(response) {
if (response.authResponse) {
// user is logged in and granted some permissions.
console.log("user is logged in and granted some permissions.")
} else {
// User cancelled login or did not fully authorize.
console.log("he failed to login or something")
}
}, {scope:'publish_stream'});
Inside scope: you can put a comma-separated string of permissions, if you want to ask for multiple.