I'm able to fetch my friends list using Facebook API (which requires me to log into my FB account) and I'm trying to show my friends list to other people visit my site.
I've tried using Twitter and its quite simple. https://api.twitter.com/1/friends/ids.json?cursor=-1&screen_name=codef0rmer returns my followers ids.
Is that possible using Facebook API, If yes, How to do that?
To access the /friends connection you need a valid access token for the current session. This means you can't access this connection for other users
https://developers.facebook.com/docs/reference/api/user/
https://developers.facebook.com/docs/reference/fql/friend/
This means that unless you get a users friends and store them in your database, you won't be able to do this. ( Unless you use longer living access tokens (I say longer living as offline access is being deprecated)
Saying this, I'm not sure if you are allowed to store this information. I know friendslists aren't allowed to be shown to other users so this is potentially dangerous territory on facebook TOS. The privacy policy is here https://developers.facebook.com/policy/ but I think this is something you may need to clarify with Facebook directly as it looks like a slightly grey area
Related
I just want to know if it's possible to do the following:
To display some wall posts from my own facebook account in a php web page, without going through the granting-permission in the user interface level? Because from what I know, you need an access token to use the API, and to get an access token, you need to go through the granting-permission UI. So I am feeling impossible here.
I got my app ID and secret code ready, I just want to know for sure if what I want to implement is even possible to begin with.
Actually, you could change your privacy permissions so that your wall is completely public. The API is then able to access public information without being granted user authorization.
I was also searching the same, as I want to implement it in my project. Now I've got the answer of this. Yes, you can get posts as well as comments from your wall. If you want more details about same, comment below mentioning my name. :)
I want to use the Facebook (Graph) API to show a list of names and pictures of friends of a facebook account (which I own). Do I really need to register my website as an app for this? Since I don't really think of my website as an app... Or can I somehow get an access token that doesn't expire since I can grant access to this list of friends myself?
Think of an app on Facebook as an API Key. Your App is how Facebook identifies who is making the call, what permissions you have, and if you are abusing the system or not.
And no, you can't get access to most Graph API data without a valid Facebook App.
I am building an in-house application which would accumulate the information from several social networks at once. Possibly, the URL of the application will not be known or it will not be allowed anywhere outside localhost.
One of the information pieces I will be accumulating is FQL insights table information: https://developers.facebook.com/docs/reference/fql/insights/ . As you may notice, this information is private, so I just cannot fetch it anonymously.
The application itself is written in a "configure once and use forever" fashion, and possibly the person using the application will not be allowed to the Facebook login credentials at all.
My problem is the Facebook login. As I understand the login with "forever access" is now deprecated and Facebook does not allow API access the same way as Twitter does (creating the forever lasting key and forgetting about it). Question is:
Is there any way to overcome the fact that I need to ask the person for permissions every time I would like to fetch them? What can be the longest period between asking?
My current thoughts about it are:
Creating a dummy user for the 'manager' and giving him read-only
access to FB pages, therefore enabling him to log in to the account.
Then asking him for the permissions every (n) hours when I need them.
Automatic log in to the FB account given that we have the
login/password for the account and obtaining the API key myself.
Which is doable? Did anyone have any experience in doing this kind of things?
What can be the longest period between asking?
You can use Long-lived user access_token which is valid for 60 days.Use below FB call to get extended access token:
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN
You can check more details here:
https://developers.facebook.com/roadmap/offline-access-removal/
One more point which is worth to note here:
When a user change his password, deauthorizes an app their OAuth token get expired.
Hope this help !
Is it possible to ban users from using a Facebook application?
I'm not talking about the canvas or the discussions board (which is what I've found by looking around), but the application itself, that is, causing errors or preventing actions whenever the user tries to use the Graph API (in my specific case, an Android app that uses the Graph API to provide some features).
The scenario I'm envisaging is something like this:
user authenticates app to use its features and gets the access_token;
user uses the Graph API according to the app permissions;
user someday does something he shouldn't;
user is banned and, even if the access_token is still valid, Graph API requests fail, and will always fail even when deauthorizing and authorizing the app again.
Is this possible using the Graph API or the developers app console on Facebook, right now, or is there really no way to prevent users from misusing your application? I guess I may do something "out of band" to enforce this somehow, but being able to do it at the Facebook level as well would be much more effective and harder to circumvent.
See https://developers.facebook.com/docs/reference/api/application/
Use the 'banned' connection of the Application object to ban specific users from your App - you'll need the App access token to do this
Just create a blacklist of specific Facebook User IDs, and check the user's ID against the blacklist when they log into your app.
If the blacklist matches, show a message telling them that they are banned and don't allow access to any functionality.
I've been pouring over Facebook's Graph API but I can't seem to find any documentation with regards to retrieve comments users leave as they Like an Open Graph object (in my case, a web page with a Like button).
At a minimum, I would assume that there would be some way to retrieve comments from users whose privacy settings allow anybody to see their updates (I guess this might require me to know the UID of everybody who Likes my web page). Alternatively, there might be some method where user comments may be associated with the Open Graph object's stream instead.
Anybody?
To see a user's wall feed via the API (even public ones) you will to have them authenticate your app. Yeah, pretty crappy not to be able to query their public messages, but it is a current limitation of Facebook's API.