What I am trying to do is get a list of permissions that an application will ask for when a user adds it. FQL says I need an app access token (which of course requires the application secret). I must be doing something wrong...I don't find it normal than only the developer of an application would be able to use the Graph to read the permissions the app requires. Has anyone seen something similar?
The permissions that you ask for depend on the script that is calling the login at that particular point, so it could be different in many places. One place in the app may only require basic permissions, while another place might require basic and email permissions. So you can't get a one-size-fits-all answer for an app because it isn't defined in one place, and it is not saved on the facebook server.
It might be that there is another solution to the reason why you want this information. What is it you are trying to achieve?
Related
I'm trying to create a system user token for one of my apps as described here in the Facebook API documentation: https://developers.facebook.com/docs/marketing-api/businessmanager/systemuser/#systemusertoken
I'm using the Graph API explorer to make the call, include the correct parameters (appsecret_proof, business_app etc.) but receive the following error:
(#200) Requires business_management permission to manage the object
It is true that the access_token I'm using when making the call does not have the business_management permission, but I don't understand why. The user that is making the call is Administrator for the app in question and has all rights I could possibly give. Also, for my other app, the permission shows up correctly when creating the user token and I cannot spot any difference in the configuration of the two apps.
I'm wondering if I need to put the app (which is a mobile game) through app review, but that seems kind of wrong because I don't want to request that permission from users or anything, I just want to use my administrator account to generate a system user token, which is a one-time action. The other app that correctly shows the permission also didn't go through app review, and both apps don't use Facebook for anything user facing, not even for logging in.
I feel like I'm completely on the wrong track and probably don't see the real problem here, but I'm also out of ideas. Is there something obvious I'm missing or anything else that could cause this permission not to show up?
I solved it now by putting the app back into development mode, which apparently allows all permissions to be granted. Creating a system user token worked fine and the system user is able to make API calls even after the app is set back to "live".
first time on stackoverflow. Was wondering about this problem I am having as mentioned in the title, my application cannot retrieve any data via the API for any profiles that are non-related in anyway (no mutual friends either). Is this a known thing due to privacy settings or permissions?
Thanks!
This is the rules you have to know, for example 100007110730790 is a non-friend id:
Rule 1. If the user turn platform Off:
Facebook API wouldn't work at all:
Rule 2. If the platform is ON and user 100007110730790 does not provide user_status permission for your app, you can get the feed with have tagged with you:
Updates:
if you are using your apps(not graph API explorer default app, this app wouldn't include activity feed!), you can also get public activity feed(add life event, change language, so on, even though he/she doesn't use the app at all!):
Update 10 jan 2014:
shared_story is included on this rule.
Rule 3. If the platform is ON and user 100007110730790 does provide user_status permission for your app, you can get the status feed even though non-friend!:
And using FQL:
So, for albums/photos is the same, the non friend need to grant user_photos permission to the same APP.
Yes, I guess. In any ways you shouldn't be able to retrieve something that is not normally visible to you. Looking aroudn Stackoverflow there are multiple threads with similar queries, so it seems like a known limitation.
I was hoping to use the Graph API to retrieve a list of apps that the user currently has on their account - those that they are using or have used, and have not yet removed. This would be the same list as found by clicking App Centre and My Apps.
I'm not looking to get info about a specific application (yet; I don't know what app to look at, or how to get its ID).
This article: How to get the List of Facebook Applications for a user using Graph API
seemed to be the right answer (and the OP certainly liked it), but for me, while it works, it returns an empty array - but I have about 20 apps (mostly games) listed on my profile, half of which are in favourites. I don't need to know which are in favourites; I simply would like to know what apps a user is interested in.
I realise this is considered sensitive information, but since I cannot find what string to use for the api() method, I can't tell what permissions I'll need; I currently ask for read_stream but since the call itself succeeds, I assume I have sufficient privilege.
I see that you can list the app requests using /me/apprequests, which suggests you should be able to retrieve the list of apps (that's where the requests come from, usually, except invites to new games) - but I can't find anything that seems right.
Any ideas?
Thanks.
No, it is not possible to retrieve a full list of the applications that a user has TOS'ed.
As described in the comments to the OP, it is possible to deduce some of them from /[user]/scores assuming they have granted the user_games_activity permission.
Is it possible to ban users from using a Facebook application?
I'm not talking about the canvas or the discussions board (which is what I've found by looking around), but the application itself, that is, causing errors or preventing actions whenever the user tries to use the Graph API (in my specific case, an Android app that uses the Graph API to provide some features).
The scenario I'm envisaging is something like this:
user authenticates app to use its features and gets the access_token;
user uses the Graph API according to the app permissions;
user someday does something he shouldn't;
user is banned and, even if the access_token is still valid, Graph API requests fail, and will always fail even when deauthorizing and authorizing the app again.
Is this possible using the Graph API or the developers app console on Facebook, right now, or is there really no way to prevent users from misusing your application? I guess I may do something "out of band" to enforce this somehow, but being able to do it at the Facebook level as well would be much more effective and harder to circumvent.
See https://developers.facebook.com/docs/reference/api/application/
Use the 'banned' connection of the Application object to ban specific users from your App - you'll need the App access token to do this
Just create a blacklist of specific Facebook User IDs, and check the user's ID against the blacklist when they log into your app.
If the blacklist matches, show a message telling them that they are banned and don't allow access to any functionality.
We are considering running a contest/drawing for users who check-in to our client's business. The Checkin Deals (PDF) feature looks really cool but it doesn't seem like you can programmatically access data on users who have checked in for a deal.
You can however get access to Checkins in general, using the Graph API. So I guess I just want to confirm that it would be possible for us to run a drawing/contest for users who check in to a place, before talking about it with our client.
Thanks!
You can't get information about who checked into a deal or checked into a place. The only information like this available via the Graph API is places an individual user has checked in, if they granted your application access to read that. It's similar to how Facebook doesn't provide who likes a page via the API, mainly due to privacy.