Facebook official docs mention that the publish_actions permissions is needed to publish on your FB stream open graph features (actions + objects).
Well, I'm getting a problem to make it work. On the docs it is mentioned that these features are rolling out slowly to all users and will be available soon, but for now, they should be available for the developer and the test users (at least until my actions/objects are approved). Well, this doesn't work, I get an OAuthException ("(#200) Requires extended permission: publish_actions or App must be on whitelist").
So to make it work, I must first go to the Graph API explorer, grant myself manually a permission (publish_actions) to get the token and only then it works(maybe it is buggy?).
The other option is to categorize my app as "game" and then it behaves as expected. They also say we should enable the Enhanced Auth Dialog, so I did, but that didn't help.
Bump
Edit
This was actually in main docs (https://developers.facebook.com/docs/opengraph/tutorial/#authenticate)
To make it work, just use the FBML for the login button with the scope:
<fb:login-button width="200" max-rows="1" scope="publish_actions">
</fb:login-button>
Works only for test users and developers instantly, but I guess that when my actions/objects will be approved, I will be able to roll this to all of my users.
Related
I am making a server-to-server Facebook 'app' so that some of the news articles we post to our own website can be posted on our own Facebook page too. I have read 14 squintillion pages of documentation, but cannot find how to get the publish_pages permission for myself or the app.
I have coaxed the app through the review process, and got the manage_pages permission allowed. I thought I had to submit all over again, to get publish_pages too, but the documentation says no. Apparently anyone appearing in the Roles for the app can grant the necessary permissions.
I have set myself up as admin for the app, yet when trying to get a token using the Facebook developer tools, I am never shown publish_pages. So even if I create a non-expiring token (my end goal) it is rejected with a message about the lack of publish_pages.
Shouldn't I be seeing more permissions listed here?
I'm sure I've read all relevant parts of the official documentation, plus StackOverflow answers and several unofficial walk-throughs, but I cannot work out what I am missing...
I thought I had to submit all over again, to get publish_pages too,
You do.
but the documentation says no. Apparently anyone appearing in the Roles for the app can grant the necessary permissions.
That is for apps in dev mode. Any of those users can grant the permission to your app, while it is in dev mode. But whatever you publish through your app, will only be visible to this group of users only, and not to the general public.
For the content to be visible to everyone, your app needs to be in live mode.
Before you can ask people - even those with a role in the app - for publish_pages when your app is in live mode, you need to submit that permission for review.
My app integrates Facebook login with the following permissions :user_education_history and user_work_history. The app was working just fine until today morning when I attempt to login I get the following error:
invalid scopes: user_education_history, user_work_history. This message is only shown to developers other app users will ignore these permissions if present.
I went through the docs and I discovered that they were deprecated on the 4th of this month but I cannot seem to find the new permissions for the education and the work history ... any help ?
Facebook is removing access to a lot of things as a result of recent negative press surrounding data mining of their users. In almost all cases the information is simply no longer available, there is no alternative method to access it.
More information is available in the Facebook developer blog:
https://developers.facebook.com/blog/post/2018/04/04/facebook-api-platform-product-changes/
https://developers.facebook.com/blog/post/2018/04/24/new-facebook-platform-product-changes-policy-updates
Note that the message you mention is only shown to Facebook accounts with developer credentials. Regular Facebook users don't see this message and the Facebook API simply ignores requests for scopes which are no longer allowed. If the data being requested are optional in the context of the app, you should create a test Facebook account and see how it behaves when requesting the data doesn't return anything (or causes unexpected errors).
I'm currently toying with the Facebook Graph Api and have been able to get some interesting results, I would like to be able to post to one of my Facebook App users pages. They have authenticated the app and confirmed the ability for my app to be able to post on there wall. I know there is the can_post check using FQL, but I haven't seen any information on this using the Graph API. Is there a possible check to make so I can see if I have the ability to post on there wall?
can_post
https://developers.facebook.com/docs/reference/fql/user/
This settings is actually a setting of the timeline:
This setting only affects the viewers of the specific timeline and does not apply to the owner of the timeline.
can_post - bool - Whether or not the viewer can post to the user's Wall
Beyond this settings, by authenticating an application and giving it certain publishing permissions, the application, using it's per-user per-app access token will be able to perform actions on behalf the actual user. Actions will be attributed to the user even though it is the application that initiated and published these stories.
To answer what I assume is your underlying question - your application, given the appropriate permissions, will always be able able to publish a story to the users timeline. The act of giving an application any permissions is the same as allowing the application to act as you and access everything you would be able to access. This includes posting a story to your own timeline (even if no other user would be able to).
This question has been asked many times before, but they all seem to relate to problems before the Open Graph was 'opened'. As a new user, I also can't make this question useful, i.e no images or links. If you want to see the images I've posted, you'll have to copy and paste.
First of all, my Action is approved.
http://i.stack.imgur.com/hAFHr.png
Additionally, the action shows as being available to all users.
http://i.stack.imgur.com/IrrWW.png
publish_actions has been added to the Auth.
http://i.stack.imgur.com/PdJiA.png
I also have objects and aggregations setup correctly.
The auth preview also shows the correct settings (although the dialog currently doesn't stay open to see it, it used to).
When I try and connect with FB to the site, I don't see publish_actions. Instead I see the second stage of the dialog, for publish_stream. I set this by mistake the first time I saved the app, but quickly changed it.
http://i.stack.imgur.com/n819f.png
http://i.stack.imgur.com/gkXfg.png
This is where I think it gets even stranger. If I take a look at the FB profile for one of the app developers, and click through too the app from there, while not registered, I see the correct permissions.
http://i.stack.imgur.com/SsOVI.png
Yet another twist to the tale, which makes it even harder for me to debug, is that it seems since playing with the aggregations, I can't even get publish_actions permissions despite being listed as an app admin. (I've read that every action needs an aggregation before FB will process any actions sent by the server.)
/**/ FB.ApiServer._callbacks.ff2f1615c({"error":{"message":"(#200) Requires extended permission: publish_actions or App must be on whitelist","type":"OAuthException","code":200}});
That's the error I get when I complete the action on the site, http://purple.fr/boutique
Have I missed a setting somewhere? Have I done something I shouldn't? Should any of this be controlled in the code on the site?
When a user connects to your site, you should be asking for the publish_actions permission instead of the publish_stream permission. The referral dialog settings (where you already ask for publish_actions) only works when a user clicks on the action from within Facebook. It won't work for users already on your website.
In your login function (FB.login), make sure you add the permission publish_actions.
That aside, it looks like it's all working now.
http://i.stack.imgur.com/jAosv.png
http://i.stack.imgur.com/Wbgf5.png
I'm using the xfbml Add To Timeline social plugin (https://developers.facebook.com/docs/reference/plugins/add-to-timeline/), but when I click it the permissions dialog I get just says "Access my basic information" and sure enough it isn't actually getting me the publish_actions permission I need to use the timeline. I tried specifying the perm explicitly on the tag like so:<fb:add-to-timeline show-face="false" mode="button" perms="publish_actions"></fb:add-to-timeline> but no luck.
This was working fine yesterday and suddenly now it isn't. I'm wondering if this has something to do with my adding and removing my app from my facebook account multiple times?
This was driving me crazy for a long while. In my case, I fixed it by enabling 'Enhanced Auth Dialog' under the Advanced tab of my app settings.
When asking for publish_actions Facebook shows a preview screen of what sort of aggregations your app will create on their timeline.
In other words, if the preview isn't working, Facebook won't ask for the permission so you're asking in vain. Facebook doesn't make this clear in the docs, but everything needs to be perfectly setup with your app on Facebook to get this to work right.
Enable Enhanced Auth Dialong in the advanced settings of the app
Make sure you have at least one action and one object set up in the open graph section
For each action you must have an aggregation set up.
If you do not do all of these steps, there can be no preview and so Facebook won't ask for permission no matter what.
I faced the same issue. I fixed it by doing the below mentioned two thiings.
a. Enabled 'Enhanced Auth dialog' from 'advanced' setting of the app.
b. blanked 'user and friend permissions' along with 'extended permissions' tab on 'auth dialog' page.
I am not sure what it did, but it started working.
BUT.. Even though the authentication works and the posts are reflecting on my timeline, the add-to-timeline button still shows, 'Add to Timeline'..
The other trick i used is to keep checking the app permissions under account setting tab of my profile page.
Hope this helps !
From Apps -> Settings -> Auth Dialog:
While in Open Graph Beta, the 'publish_actions' permission can only be
requested from developers and test users of your app. The
'publish_actions' permission will be ignored if requested from any
other user.
I had the Enhanced Auth Dialog enabled in the Advanced Settings, yet this did not work until I added a Aggregation Preview for the activity. Strange, but true.
Hope this helps.
The publish_actions permission appears only if the user has added timeline OR if your app is a game. I suppose it will also be available for apps when Timeline will be rolled out to all users...