Need help. I have Graph API code that uses an auth token with offline permissions to post to a fan page as me. I can't seem to figure out how to get it to post to a fan page as the fan page. The API Explorer only works as an individual. When I do a "use facebook as..." for the page and try to use the explorer, it tells me it has to revert me back to being me first. So the auth token is for my personal account, not the fan page account. The auth token has the manage_pages permissions, but that just lets me post to the page as me.
Anyone have an answer or know where I can find one? Search on FB, Bing, Google all pull up nothing on this specific issue.
The point being, of course, that while I could have the automation post as me, that means that the post doesn't show as being from the page, so most people won't see it. Need adult supervision! ;)
Check out the authentication documentation under the title App Login. All the information you need is there...
You have to request an access token for the page and not for the user - then all post you make are onbehalf of the page.
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&
grant_type=client_credentials
Fetching that url will give you the correct access token to post as your page.
To post to fanpage u not only need a manage page permission but the most importantly u need a page access token,here's the code for getting page access token.
$pages_arr = array(
'access_token'=>$access_token ,
'fields'=>'access_token'
);
// Get Page access_token
$page_token = $fb->api('/'.$pageid, 'get',$pages_arr);
$page_access_token=$page_token['access_token']; // get page access_token
// you got the page access token,now use it to do anything on page as page
See my blog post "how to post TO a page and AS the page" at http://bobbelderbos.com/2011/11/facebook-api-post-to-page-and-as-page/
Once you have the manage_pages permission each page requires its own access code.
See the blog post for further explanation, demo and code download.
Related
I'm trying to make a check for a specific user logging into Instagram and approving an app I've created. Is this possible?
Example flow :
User comes to my app
User clicks login/authenticate via Instagram
User logs in (or check is made if user is logged in via Instagram)
User is redirected to my app's callback URI.
When the user gets back to my app I would like to be able to check which user has authenticated - is this possible? At present I'm only able to get an access token.
Thanks for any help.
I've actually solved this by using the server-side flow mentioned in the API documentation (http://instagram.com/developer/authentication/) which gives me back a response including the details of the user logged in if following the extra step (code->access_code application, etc).
I also figured out what you mention above too, so both ways are good.
Thanks for you help.
The information is not directly returned to you in the OAuth process, but once you have the access token you can load user information using the https://api.instagram.com/v1/users/self/?access_token=XXXX endpoint. That will give you data about the currently logged in user (including ID and username)
So I am updating an older desktop app (written in VB, .net 4.0) with facebook integration and followed the guide found here, and have been able to successfully get a token (by parsing the uri of the embedded webview if it contains "token="). Now my problem is if I try to login with a facebook account that has already approved the app in a prior session, the webview just gets redirected to https://www.facebook.com/connect/login_success.html without any token information.
Do I HAVE to log all of the tokens I generate manually (ie on successful token generation, I can call their profile info, use their FB ID as key and save the token)? Even if I do, since the email and password is input directly into the facebook login window, how do I check if the user already has a token?
Thanks in advance
The access token can change any time, you need to get it everytime. After getting the token, I immediately get the user information https://graph.facebook.com/me?access_token=??? and use that ID to find their database information.
I couldn't quickly find facebook information but on google's oauth information it says "The access token is also associated with a limited scope that define the kind of data the your client application has access to (for example "Manage your tasks"). An important goal for OAuth 2.0 is to provide secure and convenient access to the protected data, while minimizing the potential impact if an access token is stolen."
https://code.google.com/p/google-api-php-client/wiki/OAuth2
Ok so I finally figured it out myself. My mistake was apparently requesting the access_token directly (ie https://www.facebook.com/dialog/oauth?response_type=token...) to try and save time.
I fixed it by making a request for a 'code' instead (ie https://www.facebook.com/dialog/oauth?response_type=code), which I then use to make a second request to retrieve an access token as documented here: https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/, "Exchanging code for an access token" section a bit lower on the page.
Hope this helps someone in the future, this was very frustrating on my part.
Regards,
Prince
I'm trying to display my Facebook status on my personal website. I tried this great tutorial http://johndoesdesign.com/blog/2011/php/adding-a-facebook-news-status-feed-to-a-website
The code work great for a couple of Facebook page that I own. But for a specific FB Page I get to step 4 and then get nothing.
{
“data”: [
]
}
Not sure what I’m doing wrong? Any thoughts
The Facebook Page is http://facebook.com/KINGDOM.Gentlemans.Club
(remove space after http://)
The Facebook Page_ID is
114357805248420
Example
https://graph.facebook.com/114357805248420/feed?access_token=???????
Does someone know why I get a blank data page?
Thank you
Marc
I can't find your page on Facebook (over 21 from the USA), so your problem is one of two things:
Your ID and page username are wrong. I should be able to see your page at facebook.com/USERNAME or facebook.com/PAGE_OR_USER_ID. I can't see it at either of these from the information in your original post.
You've got country and/or age restrictions on your page. If that's the case, your generic App access token isn't going to work. To show the feed of a restricted page on a website, Facebook requires you use the access token of a user who has permission to see your page. This prevents your restricted content from being shown to people who shouldn't be looking at it. If you don't have any restrictions on your site, then you don't need an access token to view the results.
BTW, don't EVER post real access tokens on SO. Anyone can harvest and use them. You should reset your KingomFeed app access token NOW.
Why does the Facebook graph API require an access token in order to access videos for my Facebook page:
http://graph.facebook.com/valleyviewseek/videos
But doesn't require an access token when I try to access the page's albums and photos?
http://graph.facebook.com/valleyviewseek/albums
http://graph.facebook.com/473223039060/photos
Are videos under tighter security than albums and photos? Did I do something in my Facebook fan page permission settings to open up albums and photos but not videos? I don't see anything in the API overview that suggests that these objects are any different from each other.
Is there any way to open up the videos so I don't need a token?
You will notice that Page's videos requires a facebook account:
http://developers.facebook.com/docs/reference/api/page/
videos |
Available to everyone on Facebook |
An array of Video objects
Trying to find the solution to this myself.
See: Applications for a Facebook page
I've been dealing with this issue only on videos as well, and found that you can use the page's access token.
That can be gathered easily via the graph explorer, simply select your app and then be sure to check permissions for "account" and "offline_access"**. The call looks like this to render pages after those permissions have been granted (you must be admin of the page in question):
http://graph.facebook.com/<your facebook ID>/accounts
This can of course be scripted via an SDK, but I've found it easiest to just snag the access token directly out of the explorer's output.
Use the page access token in your videos object graph API call and you will get results. Using PHP I've been referencing the video on the page via its object ID:
$graphCallParams = array("access_token" => <page access token gathered from above>);
$facebook->api('<video object id>', $graphCallParams);
**offline_access will make sure the page access token does not expire, but I still personally do not trust this, and have been thinking about writing a script that does periodic access token validity checks.
I've run into an issue where Facebook is now requesting an access_token for public photo albums as well. Looks like in the last few days they have upped their security.
I'm trying to add a "share via twitter" link to our website. I'm aware of the standard http://twitter.com/home?status=TWEET method, and it works good enough for my purposes when the user is logged in to twitter already.
If, however, the user is not logged in, twitter displays the login form first (which is only reasonable). After the login, the home screen is displayed without the tweet content.
Am I missing something obvious, or is this a know flaw in this method? If so, what is the easiest way (apart from using services like TweetMeme, which I noticed asks for login in advance) to make the share button work as expected?
If the user is not signed in when accessing http://twitter.com/home?status=TWEET it seems that the status is indeed forgotten. This would be a Twitter website issue and not something you're doing wrong.
Update: Use this URL instead: http://twitter.com/intent/tweet?text=TWEET
TweetMeme, on the other hand, uses its own Twitter "application" via the OAuth authentication, requiring users to log in before retweeting using TweetMeme, and is smart enough to include the tweet message in the OAuth callback URL so that it's not forgotten.
So really, you can:
Use TweetMeme, where the user would have to log in, but at least have the tweet be remembered once that's done;
Create your own Twitter application that uses the same tweeting functionality as TweetMeme; or
Use Twitter.com's less-than-desirable status updater and hope the user is logged in, or hope that they're smart enough to click the back button a couple times and click on your link again if needed.
Just use the following url and parameters
http://twitter.com/share?text=YOUR-TEXT&url=YOUR-URL
Then it works.