Action approved - publish_actions still not working - action

This question has been asked many times before, but they all seem to relate to problems before the Open Graph was 'opened'. As a new user, I also can't make this question useful, i.e no images or links. If you want to see the images I've posted, you'll have to copy and paste.
First of all, my Action is approved.
http://i.stack.imgur.com/hAFHr.png
Additionally, the action shows as being available to all users.
http://i.stack.imgur.com/IrrWW.png
publish_actions has been added to the Auth.
http://i.stack.imgur.com/PdJiA.png
I also have objects and aggregations setup correctly.
The auth preview also shows the correct settings (although the dialog currently doesn't stay open to see it, it used to).
When I try and connect with FB to the site, I don't see publish_actions. Instead I see the second stage of the dialog, for publish_stream. I set this by mistake the first time I saved the app, but quickly changed it.
http://i.stack.imgur.com/n819f.png
http://i.stack.imgur.com/gkXfg.png
This is where I think it gets even stranger. If I take a look at the FB profile for one of the app developers, and click through too the app from there, while not registered, I see the correct permissions.
http://i.stack.imgur.com/SsOVI.png
Yet another twist to the tale, which makes it even harder for me to debug, is that it seems since playing with the aggregations, I can't even get publish_actions permissions despite being listed as an app admin. (I've read that every action needs an aggregation before FB will process any actions sent by the server.)
/**/ FB.ApiServer._callbacks.ff2f1615c({"error":{"message":"(#200) Requires extended permission: publish_actions or App must be on whitelist","type":"OAuthException","code":200}});
That's the error I get when I complete the action on the site, http://purple.fr/boutique
Have I missed a setting somewhere? Have I done something I shouldn't? Should any of this be controlled in the code on the site?

When a user connects to your site, you should be asking for the publish_actions permission instead of the publish_stream permission. The referral dialog settings (where you already ask for publish_actions) only works when a user clicks on the action from within Facebook. It won't work for users already on your website.
In your login function (FB.login), make sure you add the permission publish_actions.
That aside, it looks like it's all working now.
http://i.stack.imgur.com/jAosv.png
http://i.stack.imgur.com/Wbgf5.png

Related

Downside to always using auth_type="rerequest" in Facebook login button (for required permissions)?

I've got a Facebook login implementation (for a website, using the javascript API) for which I want the "email" permission to be required. When the user first logs in, they may deny this permission - which is easy enough to detect by a subsequent look at the /me/permissions endpoint. If I do find they've denied it, I don't continue with the login. So far so good.
Then during subsequent logins, to make sure they get re-prompted for that permission, I include auth_type="rerequest" in my login buttons (which may be rendered via either xfbml or a link with onclick=FB.login(...)).
While this appears to be working, my question is: if I always want the permission to be required, is there any disadvantage to ALWAYS including auth_type="rerequest" in my login buttons? I don't see anything to the contrary in the documentation, and it appears not to have any adverse affect on new users or users who've not denied the permission (i.e. it only changes the login flow - by re-prompting if the user has already rejected something. Which is the behavior I want).
Good practice seems to dictate that I should only include this when I actually know there's something I want to re-prompt, but for the sake of this question, I'd like to know if there are any pitfalls to just always including it.
There is no real downside afaik, but the recommend way is NOT to force users to use permissions they deselected. Instead, show them an input field if they did not authorize the email permission, where they can enter any email they want. Keep in mind that the email field isn't always filled, even if the user accepted the permission.
Are you using Facebook login button? It works for me to re-asking for a declined permission.
Just adding auth_type="rerequest" in the button.
<fb:login-button scope="email,user_birthday,public_profile" auth_type="rerequest" onlogin="checkLoginState();"></fb:login-button>
Hope that can help you.

how to test facebook application with extended permissions, without asking for review

i have read all the answers ( i could find on the matter), and they say, if you are a developer, tester or admin of the application, you should be able to test the app without any problem. I have tried as a admin of the app, developer, tester etc (all the roles given in the developer dashboard) no luck, next i have tried with the test users, still no luck, when i ask the user for the permission (publish_stream), the popup always says
Submit for Login Review Some of the permissions below have not been
approved for use by Facebook.
I have setup the "privacy policy link", i have uploaded the application icon, entered the application description, still no luck. in the mean time, the other two permissions i ask (user_photos and email) work with no problem.
I can't get what i am doing wrong. has anyone had problems like this?how did he manage to solve them? any help will be much appreciated.
P.S the only thing i haven't tried is to submit the freaking app for review, but the app is far from done, so i think, the review will be rejected
You really don´t need to go through the review process for testing, unapproved permissions work for every Admin, Developer or Tester of the App. publish_stream is deprecated though, what you probably want is publish_actions.
If it still does not work with an Admin/Dev/Tester and the publish_actions permission, i´d suspect a bug. In that case you could report it: https://developers.facebook.com/bugs/

Publishing Actions: link back to website from user wall

I am building a website that will require the user to provide permission for us to post a story back to the users wall when the user takes an action on my website. I would like the story to include a link back to my website so that friends can see the actions taken.
I am not sure of the correct permissions because I cannot get a link back to my website from the story post. I saw publish_stream, but that appears to be old now. Any pointers to FB policy and documentation would be appreciated. I
Instead of making stream posts, you should instead use Open Graph actions, which will give you a much better result and feel less 'spammy' to your users. I can't post code that will do this for you as it would need to fit into your existing setup, however it is a relatively simple process, which is well documented (https://developers.facebook.com/docs/opengraph/actions/):
Auth users by prompting them to give publish_actions permission and any other permissions your app might need.
Store the users access token in your database (not necessary if you're using the client-side Javascript SDK, but you might want to do it anyway)
Setup your Open Graph Actions and Objects in the Developer Dashboard.
When a user performs a relevant action in your app, make a simple Graph API call to the following endpoint:
https://graph.facebook.com/me/YOUR_APP_NAMESPACE:YOUR_ACTION? YOUR_OBJECT_TYPE=YOUR_OBJECT_URL&access_token=YOUR_ACCESS_TOKEN
Done.
You can add extra elements to the action, such as action links, however the basics are outlined above. Once you've performed those steps, the user will see something like this on their Timeline:
The part that says 'on NYCCookbook' is customisable and clicking on most parts of this story will bring Facebook users back to your site. There are many benefits you can get if you implement this all correctly.

Facebook Graph API - issues with the publish_actions permissions

Facebook official docs mention that the publish_actions permissions is needed to publish on your FB stream open graph features (actions + objects).
Well, I'm getting a problem to make it work. On the docs it is mentioned that these features are rolling out slowly to all users and will be available soon, but for now, they should be available for the developer and the test users (at least until my actions/objects are approved). Well, this doesn't work, I get an OAuthException ("(#200) Requires extended permission: publish_actions or App must be on whitelist").
So to make it work, I must first go to the Graph API explorer, grant myself manually a permission (publish_actions) to get the token and only then it works(maybe it is buggy?).
The other option is to categorize my app as "game" and then it behaves as expected. They also say we should enable the Enhanced Auth Dialog, so I did, but that didn't help.
Bump
Edit
This was actually in main docs (https://developers.facebook.com/docs/opengraph/tutorial/#authenticate)
To make it work, just use the FBML for the login button with the scope:
<fb:login-button width="200" max-rows="1" scope="publish_actions">
</fb:login-button>
Works only for test users and developers instantly, but I guess that when my actions/objects will be approved, I will be able to roll this to all of my users.

Add To Timeline button not requesting publish_actions permission

I'm using the xfbml Add To Timeline social plugin (https://developers.facebook.com/docs/reference/plugins/add-to-timeline/), but when I click it the permissions dialog I get just says "Access my basic information" and sure enough it isn't actually getting me the publish_actions permission I need to use the timeline. I tried specifying the perm explicitly on the tag like so:<fb:add-to-timeline show-face="false" mode="button" perms="publish_actions"></fb:add-to-timeline> but no luck.
This was working fine yesterday and suddenly now it isn't. I'm wondering if this has something to do with my adding and removing my app from my facebook account multiple times?
This was driving me crazy for a long while. In my case, I fixed it by enabling 'Enhanced Auth Dialog' under the Advanced tab of my app settings.
When asking for publish_actions Facebook shows a preview screen of what sort of aggregations your app will create on their timeline.
In other words, if the preview isn't working, Facebook won't ask for the permission so you're asking in vain. Facebook doesn't make this clear in the docs, but everything needs to be perfectly setup with your app on Facebook to get this to work right.
Enable Enhanced Auth Dialong in the advanced settings of the app
Make sure you have at least one action and one object set up in the open graph section
For each action you must have an aggregation set up.
If you do not do all of these steps, there can be no preview and so Facebook won't ask for permission no matter what.
I faced the same issue. I fixed it by doing the below mentioned two thiings.
a. Enabled 'Enhanced Auth dialog' from 'advanced' setting of the app.
b. blanked 'user and friend permissions' along with 'extended permissions' tab on 'auth dialog' page.
I am not sure what it did, but it started working.
BUT.. Even though the authentication works and the posts are reflecting on my timeline, the add-to-timeline button still shows, 'Add to Timeline'..
The other trick i used is to keep checking the app permissions under account setting tab of my profile page.
Hope this helps !
From Apps -> Settings -> Auth Dialog:
While in Open Graph Beta, the 'publish_actions' permission can only be
requested from developers and test users of your app. The
'publish_actions' permission will be ignored if requested from any
other user.
I had the Enhanced Auth Dialog enabled in the Advanced Settings, yet this did not work until I added a Aggregation Preview for the activity. Strange, but true.
Hope this helps.
The publish_actions permission appears only if the user has added timeline OR if your app is a game. I suppose it will also be available for apps when Timeline will be rolled out to all users...