i am new in Developing Facebook App.I just saw a tutorial on facebook and start developing the App.Everything was going fine but when i click on App the App goes in an infinite loop of Authentication and web address keep on incrementing the auth part.I had seen 100 of tutorials on developing facebook app but all of them goes into an infinte loop.what could be the reason?Anyone please let me know.Some people say it as White Screen of Death
When user comes to your canvas, then you look for the signed_request including access token otherwise you redirect to authorization page, then use grants authorization it come backs to your canvas, here:
somehow you can't get the access token, the loop starts.
Related
I stumbled across a website a while back where it showed the privacy repercussions of logging in to Spotify using the web version. I believe it used JavaScript but I can't be too sure. Anyway, this unrelated website was able to display my Spotify username despite me not authorizing anything. If I remember correctly, it also had slots for other services that I didn't use so it couldn't show my username there.
But what I'm interested in learning about is how it managed to get my Spotify username. Not because I plan to use the method but out of curiosity with how the whole thing works. When I found out about that page/site awhile back, it spooked me enough that I started using a different browser profile specifically for Spotify going forward because of it but I never got around to digging deeper into how it actually did what it did.
Cookies save your an access token for Spotify account after to success login of Spotify.
Next time, if open your browser go to
https://open.spotify.com/
It's java-script to access from your PC's cookies,
call this API with cookies an access token, get your information.
Then display your user name in the web page.
https://api.spotify.com/v1/me
If I copy from my Chrome browser the access-token and API URL,
Then access by Postman.
I can get the my user name.
Each browser has own location to save a cookies,
if you never login before other browser, will not pick up your information.
I did not login before by Firefox.
This is screen of login.
I am new to Instagram Basic Display API. All I need is to get the recent media published on my Instagram account. I have followed all the steps mentioned here until step 4. In step 4 when I am accessing the authorize URL it is asking me to log in to my test user instagram account first and then displaying the authorized window. Just imagine this from a user perspective. If a user is clicking on a button and if it is asking for entering the credentials of my account it seems to be like exposing my account details publicly.
Once I click on the authorize button it is redirecting to my redirect_uri and I can get the code.
How can I implement the same from the server-side? There will be no user interaction for the project I am working on. It should happen from the backend itself. I am using Django as the backend server. Please help me with this.
If this is just for your own project and your own Instagram account you can generate access token like it's described here: https://developers.facebook.com/docs/instagram-basic-display-api/overview/#user-token-generator
You don't need the authorization window in that case. On your server just write a code that will send the request to Basic Display API with token created via Token Generator.
Unfortunately I'm struggling to understand the documentation provided by Facebook.
This is the scenario:
- Some of my iPhone Apps are also registered as Native/Desktop Apps on Facebook in order to support the Facebook Audience Network.
- I'm building a tool in python which will retrieve data from the reporting API in order to run some automated analysis on specific metrics (request, impressions and so on).
The question is: how do I retrieve this data?
The documentation for the reporting API is here: Reporting API
However I'm struggling with the access token.
It says that I could use the specific App Token available here: App Tokens
However by using such token, I get an error saying that app tokens can't be used for Desktop/Native Ads.
What is the correct way to do it then? Here is where I struggle to understand Facebook Documentation.
My guess is that I should use a User Access Token instead, generated for a user that is also the admin of the App for which I want to retrieve the insights.
What really freaks me out is that apparently, this can't be done with normal HTTP calls only but it requires instead to go through the Facebook Login Dialog. I also need to create another Facebook (web) app because there is no way to get a simple "User Object"... Everything needs to start and go through a registered Facebook App. And there's no way to go through these steps by using backend code only.
So... to recap... in order to read the Insights for a Native/Desktop Facebook App (APP_A), I have to:
- Create a new Web Facebook App (APP_B)
- Create a web interface somewhere for APP_B) which will trigger the Facebook Login Dialog and request the read_insights permission.
- Login through this web interface and generate a User Access Token
- Put this User Access Token in my backend code and run the scripts that retrieve the data provided by the Reporting API for APP_B
Really... to me... it doesn't make any sense to create a new Facebook App in order to access the data of another Facebook App.
Isn't there another better, simpler, quicker, cleaner way to achieve the same final result?
I wonder what is the right technique to streamline the login to my site via Facebook.
Currently, I have a web site integrated with Facebook Login button. Right now, it's an independent web site, and not a "Facebook app" (running in the canvas). While this is not my decision, this could change in long term if matters.
The way the authentication work: the "fb-login-button" is redirected to my application URL using onlogin() event; the server side uses the cookie to retrieve the "access token" and perform further Graph API work. The business logic resides on the server side.
The current business requirement is the following:
Suppose someone posts a link to my site, somewhere in Facebook, for example in our site community page:
http://www.mysitedomain.com/offer1
A Facebook logged-in user clicking on the link - should get to the target page, after his Facebook identify got verified, and the result should be personalized for that user.
If a Facebook user already has an active session with my site - trivial.
Assuming a user had approved my site (app) in the past, but has no active session - here I am looking for the best practice to do the login.
Also, I would appreciate a hint how to handle the app authorization (i.e. showing the Facebook authorization dialog) in a most efficient way.
Thanks for any hint.
Check out FB Login Architecture and FB.getLoginStatus. Based on FB documentation, If you use javascript sdk, it only triggers a Popup on the same page and once authenticated it will go back to the same page. So once the login status is confirmed then you can get users information from graph api and update via AJAX on your page. You can also checkout this server side login. Hope this helps.
i am trying to use /me/likes/pageID the same way i used pages.isFan (REST API).
But it always uses the user/page as me for which i created the access token and not the current active user.
can't get my head around this one, any help is appreciated!
thanks
[from comments] but do i really need to create an application to "just" check if the user is fan of my own page? and even ask his authorization?
Yes, you will need an app in any case.
If you run your app as a canvas or page tab app inside of Facebook, then you get the info if the current user liked the very Facebook fan page the app is running in(!) directly from the signed_request parameter.
If you want to query this infor for other pages, and/or your app is running outside of Facebook, then you have to have the user connect to your app and ask permission to read his likes first, before you can get this info.
For information on the latter case, see https://developers.facebook.com/docs/authentication/, https://developers.facebook.com/docs/authentication/permissions/#user_friends_perms, https://developers.facebook.com/docs/reference/api/user/#likes
It is easy: With the new Graph API, the owner of the access token is me. You can see this by pasting an access token into the debugger.
You should be authenticating your user and gaining an access token in their name each time they visit your site. Then use only this access token when you make your query.
This process is easiest if you use one of the Facebook SDKs.