Is it possible to get access token for multi Facebook user? - facebook-graph-api

I created web application using Facebook C# SDK 5.3.2. I can post messages to my wall. But I want to collect access tokens for my friends' Facebook accounts and store them to use later to post messages to their wall.
Is it possible to get their access token with their Facebook account info. I can get access token for myself with "App ID" and "App Secret. Do I need also add application for my friends' Facebook to get this credentials.

You don't need to store access_token for any user, since it's something time based.
Instead ask for publish_stream permission and post messages to their wall using application access_token
From Facebook documentation on publish_stream permission:
Enables your app to post content, comments, and likes to a user's stream and to the streams of the user's friends. With this permission, you can publish content to a user's feed at any time, without requiring offline_access. However, please note that Facebook recommends a user-initiated sharing model.

the only way to get it done, is that your friends login into your application with their accounts and grant you the publish permission (if you want to publish when they are online) and the offline_access permission, to publish in any moment.
You have to think in the big security issue that this situation potentially represents.
Good luck.

Related

Obtaining Access Token Server Side Instagram Graph Api V3

What I'm trying to achieve:
Fetch images from my own Instagram business account to display on a website using the Instagram graph api v3.3 by not obtaining a user access token from a client side Facebook SDK login modal because users just shouldn't be doing that to see a simple Instagram feed.
I have the permissions manage_pages and instagram_basic granted(gone through app review). I'm using app_id and app_secret as user access_token parameter value(which may not be the access token Instagram graph api is looking for) as when I tried to fetch any data there is an error message:
" #10) To use 'Page Public Content Access', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Page Public Content Access' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.'" However, I don't need the permission Page Public Content Access because I'm fetching images from my own account. This is also confirmed by the Facebook App Review support.
The query that is used to get the images is as follows:
https://graph.facebook.com/${pageId}?fields=id&access_token=${accessToken}
My access token in this case is app_id|app_secret since I can't access the user access token.
The developer api guide "https://developers.facebook.com/docs/instagram-api/getting-started/" only shows a way to get user access token using the client side Facebook SDK login button which generates a user access token after a visiting user interacts with a modal that pops up to have them login. But again, a simple Instagram image gallery shouldn't require every user that visit the site to log in to their own Facebook account.
I have bugged the App Review support team at Facebook with no real answer. I couldn't join the Facebook developers support group as no one is approving my request to join and I've also tried my best to seek help from the facebook developers support team but I can't reach them. So I'm turning to Stack Overflow to ask if there is any way to display images from an Instagram Business Account without sticking a Facebook login SDK modal on the site.
Thanks so much.
EDIT: After reading #misorude's comment, I'm thinking would adding the Facebook login modal on the website and querying it by logging into my own Facebook account and then capturing my own user access token that is returned by the api and then use that access token for every susequent api calls to fetch images work?

Can't get Instagram Business Account ID through Facebook Graph API

I'm trying to access the media of my Instagram business account through Facebook Graph API. I'm following this guide:
https://developers.facebook.com/docs/instagram-api/getting-started/
I've set up everything as requested: I have an Instagram business account, a Facebook page connected to this account and a Facebook app.
In step 5, when I try to get the Instagram Account ID with
GET /v3.0/{page id}?fields=instagram_business_account
the response I get looks different than the one in the guide. The Instagram business account field is missing, I only get back the ID of the Facebook page, which I already have.
Does anyone have an idea what could be wrong here?
Try the query below with the manage_pages permission.
/v3.0/me/accounts?fields=name,id,access_token,instagram_business_account{id,username,profile_picture_url}
I'm going through the review process and having trouble understand the permissions required to
Get Instagram Business Accounts
Subscribe to instagram_story_insights webhook
I only manage to get 1. by having the manage_pages permission. But I don't want to manage pages, just want to get the Instagram Business Accounts and request insights, feed and profile.
For 2. I only find the /subscribe endpoint and that requires a Facebook Page access token and that is only available with the manage_pages permission.
I was facing this issue since last 2 days and it was started suddenly.
I was able to resolve this issue by doing below steps.
Convert back your Instagram business account to personal account.
Now Convert your personal account to business account through the only facebook web not on instagram native app.
Important: We need to convert personal account to business account through the only facebook.
Hopefully you've figured this out by now. I had the exact same problem as you did where I would only get the id of my page.
The solution was adding the correct permissions to the user access token.
You will need to use a user access token with manage_pages and instagram_basic permissions when you make API calls to
GET /v3.0/{page id}?fields=instagram_business_account
We found that this happens for 2 reasons:
Instagram profile was not associated with Facebook page correctly (i.e. person converted did not have access to your page).
The person who converted Instagram to business and connected to the page is no longer an admin of the page
You connected your page and Instagram using Facebook page settings - that screen definitely does not work.
Make sure that your app has approved business_management permission and that you are asking for it when users authenticate facebook.
In all cases, converting instagram back to personal and then reconverting it to business fixes the issue.
Facebook Graph API 4.0 Only Supports Instagram Business Account. Creator instagram account doesn't work on graph api .
Check out below pics for getting instagram id from graph api
Click to View for Graph API Response
I was able to resolve this by going to the Facebook Page > Settings > Instagram and there I was prompted to "Review connection." I recently added the Instagram account "asset" to a user of our business account, so maybe that caused some need for the connection between the FB Page and IG account to be reviewed. I never received a notification from FB about this and I banged my head against the wall for over a day trying to debug this.
Given the Facebook account has a page (with {page id}) linked to the Instagram account. We managed to obtain ids via Browser (HTTPS Get) with
https://graph.facebook.com/v3.0/{page_id}?fields=instagram_business_account& access_token={Access token with the right permissions}
The token was manually generated using Facebook's Graph Explorer
https://developers.facebook.com/tools/explorer/v2/
Choose "User Token" option and Add the permissions "business_management", "manage_pages" and "instagram_basic" via the UI. Hit "Get Access Token" button to generate the token to be used with the "instagram_business_account" url query above.
To get images from the linked Facebook page, we currently do
https://graph.facebook.com/v3.0/{instagram_business_account}/media?fields=id,name,media_url,media_type,timestamp&access_token={Access token with the right permissions}
BTW, our Facebook account does have an app created under it so we could choose this app in the Facebook Graph API Explorer tool when the UI asked for it.
With the right permissions, one can covert these steps into code.
I am facing the same issue and I think thats because one of these two reasons:
the Graph API has updated its policy and requires all apps to undergo Business verification, which is part of the App Review process. Once your app gets verified then you can make those calls.
Your app is in live mode. Switch it off so it comes in development mode from your app dashboard. now you have access to all the api calls. Select the manage_pages and instagram_basic permissions from the graph api explorer. Now you can make the request.
I was facing same issue but i found the solution. At start be sure your instagram account should business account or Creator account.
And then link it with facebook from Facebook web.
Error only come when we use our personal account instead of Creator or Business.
This is my output now.
Add one more permission to your auth request: pages_read_engagement. No need to have manage_pages or public contents access to get Instagram ID.
I faced the same problem and I have resolved it. Follow the following steps to get the Instagram business ID.
(assuming that you already have an access token)
Step 1: Get the Facebook ID first [ GET v11.0/me?access_token={your_access_token} ]
{
"name": "your facebook page name",
"id": "facebook_page_id"
}
Step 2: Make sure that manage_pages , business_management and instagram_basic permissions are enabled. Can be easily done using Graph API Explorer.
Step 3: Using the Facebook ID we can obtain the Instagram business ID [ GET /v11.0/{facebook_page_id}?fields=instagram_business_account?access_token={your_access_token} ]
{
"instagram_business_account": {
"id": "insta_business_id"
}
}
Step 4: In case you are getting only Facebook ID after hitting the endpoint as mentioned in Step 3 then, using your mobile device switch back to your personal account. Again, enable the business account and make the HTTP request again. This method worked for me in getting the Instagram business id.
Finally solved it. Here is what I did to accomplish it.
I' not using business manager. The problem I was facing because my facebook account was not properly connected to instagram account. I thought I created instagram account with my facebook account so they were connected somehow. It was not the issues. Switching instagram account to business won't work. You need to connect your instagram account to your facebook business page.
Go to your pagee
Go to your page settings
Find instagram > you'll see connect. Here I had some problem connecting to instagram from here by logging in with facebook won't work. Do the traditional email password connection.
Last step if successfully connected it will ask you to switch your account. Click on button and done.
After an entire day searching the web (to no use) and reading Facebook/Instagram API docs (which is sometime misleading) I still could not successfully get the Instagram Business Account ID to make requests that use it, like the ig_hashtag_search request.
That's when I decided to ignore everything on the web, trust God, and start using Graph API Explorer's auto complete to try and make some sense of the whole thing!
It finally worked!
Before getting to the actual steps, make sure both Facebook and Instagram accounts are properly configured as business accounts! I don't know if it is a bug in the Brazilian version of Instagram's website, but the process to convert a regular Instagram account to a business account could only be completed using the native Instagram Android app. Specially the part where you link your Instagram account to a Facebook page that should already exist, and that should already have been created using Meta Business Suite.
Again, for me, as of today, the Public Business Information section was missing from the Brazilian version of Instagram's website!
After having configured and properly linked the accounts, it is possible to make the calls using Graph API v12.0.
Step 1
Access the Graph API Explorer.
Step 2
Add the following permissions:
ads_management
business_management
instagram_basic
public_profile
Step 3
Generate the Access Token using the button on the screen (in the popup, be sure to log in using a Facebook account that has both Facebook Business and Instagram Business accounts properly linked and configured).
Step 4
After obtaining the Access Token, get all Businesses IDs:
GET https://graph.facebook.com/v12.0/me/businesses?access_token=xxx
In the Graph API Explorer, you must type only this:
me/businesses
The response should be something like this:
{
"data": [
{
"id": "BUSINESS_ID",
"name": "Business Name"
}
],
...
}
Step 5
Use the BUSINESS_ID to finally get the Instagram Business Account ID:
GET https://graph.facebook.com/v12.0/BUSINESS_ID/instagram_business_accounts?access_token=xxx
In the Graph API Explorer, you must type only this:
BUSINESS_ID/instagram_business_accounts
The response should be something like this:
{
"data": [
{
"id": "INSTAGRAM_BUSINESS_ACCOUNT_ID"
}
],
...
}
And that's it!
If everything worked as expected, you can use this INSTAGRAM_BUSINESS_ACCOUNT_ID to make the desired requests, such as ig_hashtag_search or recent_media requests:
GET https://graph.facebook.com/v12.0/ig_hashtag_search?user_id=INSTAGRAM_BUSINESS_ACCOUNT_ID&q=DESIRED_HASHTAG&access_token=xxx
In the Graph API Explorer, you must type only this:
ig_hashtag_search?user_id=INSTAGRAM_BUSINESS_ACCOUNT_ID&q=DESIRED_HASHTAG
The response should be something like this:
{
"data": [
{
"id": "HASHTAG_ID"
}
]
}
Hope to have helped! 🙏

Access profile pictures using Facebook's Graph API v2.3 without user login

Direct access to profile pictures via the Facebook graph API has recently stopped working and appears deprecated. Apparently, this now requires an access token (which requires the user to login to FB first)...
https://graph.facebook.com/{user-id}/picture?redirect=false&type=large
I'm developing a web application in JavaScript, unrelated to Facebook. I would like to offer users the option to use their FB profile picture for posts. They provide their numeric user-id which I save on our server. Until recently, my client app could use the numeric user-id in the above URL to produce a JSON response with a link to the user's profile picture.
Is there an alternative approach to getting a user's profile picture without first requiring the user to login to FB to get a client-side access token?
If They (the users) provide their numeric user-id means that you're using Facebook Login, and they at least gave their public_profile permission to your app, you can just add the App Access Token to the request and it should work.
https://graph.facebook.com/{user-id}/picture?redirect=false&type=large&access_token={app_access_token}
If you don't use Facebook Login, I see no chance to be honest.

Instagram API Pulling Images Without Authorization Page

So I was going through Instagram's API and I implemented it. However it isn't as useful as I thought it would be because when trying to get and OAuth2 token a user is taken to a page to authorize them in what looks to be and effort of insuring that the user realizes that they are about to view and share Instagram content with my application. This all makes sense to me although not ideal. You can find it in detail here(Step One: Direct your user to our authorization URL).
Then I saw this press release from a company called Celtra who says they can pull the the most recent images off any Instagram feed and put them in an Ad. I checked it out and somehow they are pulling the images of other companies without this authorization page I am encountering. Basically without page scrapping I don't know how to do this with Instagrams API, and I realize scraping violates Instagrams terms of service. Does anyone have this functionality, where I can pull down images from Instagram and not take a user to an authentication page working legally as I am assuming Celtra is doing? Guidance or documentation on how to achieve this would be ideal.
Instagram recently added an endpoint that will allow you to any instagram account's photos without oauth or needing access_token, you can specify client_id and make API call to get photos.
Just register for an app account at here and add the client_id to this endpoint and make call:
https://api.instagram.com/v1/users/3/media/recent/?client_id=YOUR-CLIENT_ID
You only need access_token to get users' likes, follower feed and to like/comment/follow.
update: you need to have access_token with the new API changes, cannot
access API with just client_id anymore
To do this simply, you could authenticate your app from a dummy profile or your own personal profile and then use the access_token to request the feeds of any account. Then, when an end user goes to use your product, instead of authenticating them, you can just pull content from the Instagram API using your access_token.

Graph API - as user?

I am trying to get to grips with the Graph API. Is i,t correctly understood that if I want to ask for my own, say friends, through code, I should
register my application and get an app access token
Login with my own credentials and get an user access token?
I find it difficult to grasp the concepts from the documentation.
The flow should go like :
User adds the app and gives the permissions.
Which returns the access_token (user access token) which is used to query datas.
Generally speaking, You ask for permissions, and you get a key which can open the locked contents. That is the access_token.
Difference between App Access_token and User access_token :
App access_token is needed when you do something as the app. Like getting the insights for the app, or working with subscriptions, so and so.
User access_token is needed when you want to act as the user who have the app added in their account.
With reference to your question, You clearly doesnt need App access_token.
You need to do both.
Registering your application tells Facebook where those requests are coming from. They monitor what requests your app is making to police apps that violate your terms.
Once you have that app, you personally authenticate it to get information from or post information to Facebook on your behalf. The app must ask for specific permissions and you have to grant these for it to work.