I would like to post updates to a Facebook Page I own, using the API.
I followed the instructions in this answer to obtain:
a short-lived access token for my user, making sure to grant permissions for publish_stream and manage_pages
a long-lived access token, which the token debugger actually shows as never expiring
a Permanent Page Access Token specific for my page, which again is shown as never expiring
I can use the long-lived access token to post to my wall, but neither that nor the specific page access token allow me to post to my page.
If I try to use the personal long-lived access token to post to my Page ID, it returns OK and an actual post ID, but the post never appears on the page.
If I try to use the page access token to post either to /me/feed (which should be the page) or to the page ID, I get #200 The user hasn't authorized the application to perform this action which I clearly did.
What am I doing wrong?
Do I need to submit my app for review? How can I do so, when I don't even have an "app"? It has no public facing website, nothing, because it's only a single script for my own personal use, which I'd like to use to update my page.
according to the docs you will need publish_pages permission to post as page from api v2.3 . Prior, it needed permission publish_actions in addition to manage_pages. Now they have introduced publish_pages specifically for that purpose. .
A page access token with publish_pages permission can be used to
publish new posts on behalf of that page. Posts will appear in the
voice of the page.
Related
I'm building an application for an event so they can directly post their news messages on facebook. I'm trying to use de php SDK V4 for this but there are some parts of the login process I don't understand (still couldn't find a solution after searching for several hours).
My Problem is in the login process. First you have to specify which applicaton you are and give your application secret. Than you have to login to facebook with an account.
But which account should I use for that? The one of their event? Mine?
(I'm an admin of the events page) (this means that all messages will
be posted from mine account while i'm not the poster...sounds pretty
weird..)
Which method should I use to login into facebook? There is a veriaty of methonds like the FacebookRedirectLoginHelper(), the FacebookCanvasLoginHelper() or the Javascript one. However as far is I understand all these helpers for your users to login to their facebook accounts and that's not what I want.
During my search I found some an example of someone who is making a similar system (Facebook Graph API PHP SDK v4 - Post on Page). He/She uses the folowing piece of code for getting a facebook session:
FacebookSession::setDefaultApplication('{APP ID}','{APP SECRET}');
$session = new FacebookSession('{Page Access Token}');
This suggests that you don't need to login into facebook by user but only need a Page Acces Token. However if I understand it correctly (correct me if I'm wrong), to get a Page Acces Token, you first need an User Acces Token (https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens). To get an User Acces Token you should be logged in, and than we're back to question 1 and 2 in the beginning of my story.
Or can I just get a Page Acces Token using the following api request (according to https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens)
GET /{user-id}/accounts
Using a random user-id as long as the page admin gave this user permission to generate such a token (so the user related to "user-id" shouldn't be logged in while retrieving the Page Acces Token?) .
Sounds like you'll need to use the following flow:
Have the page admin log in with their Facebook account. Make sure to request the manage_pages extended permission. This will give you access to the pages they admin.
Once they grant access to your app, you'll get a short lived user access token. Exchange it for a long lived user access token.
Get the list of the user's pages with /me/accounts. Each page will have an access_token field returned with it. These are all page access tokens. We want to use a long lived user access token to get this list so that all the page access tokens returned will not have an expiration date. They live forever! :)
Use the page access token to post to the wall of the page if you want to post as that page. Use the user access token to post to the wall of the page if you want to post as that user.
And the Facebook Query Builder might make this whole process a lot easier. :)
Hope that helps!
I'm using this tutorial (from the first answer on that page).
In short it uses a FB app, and PHP CURL GET to post to your Facebook page via HTTP. I have it working and can post to my page (as my page) with the correct token.
However, the page access token only lasts an hour, meaning you have to constantly re-authorize by generating a new token. How can I set-and-forget, or otherwise extend my token? I have read the facebook documentation but can't apply it to my scenario.
I just want to authorise once, receive a token and have my web form be able to post to my page.
The & symbol should be replaced with ? (question mark). Then it should work.
ex:
https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id={app-id}&client_secret={app-secret}&fb_exchange_token={short-lived-token}
You get your page access token when you (the admin user) authenticate. The page token is based on your short-lived user token. In order to get a long-lived page token you need to get a long-lived user token. They usually last around two months.
Here's how you get a long-lived page token.
Get a short-lived user token.
Get your app ID and app secret.
Make the following GET call: https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id={app-id}&client_secret={app-secret}&fb_exchange_token={short-lived-token}.
Now use the token returned from step 3 to create a new long-lived page token.
I am trying to post to a facebook page from my facebook application.
I have given the app the manage_pages and publish_actions permissions.
I retrieve the page ID and access token via a request to /me/accounts and then attempt to post to the page using:
POST https://graph.facebook.com/{PAGE_ID_HERE}/feed
?access_token={PAGE_ACCESS_TOKEN_FROM_PREVIOUS_REQUEST}
&message=test
but I get the following error:
The user hasn't authorized the application to perform this action
The page access token appears to be valid:
Why do I get this error? How should I proceed?
The solution was to add the publish_stream permission too. I didn't think this was needed as publish_actions is supposed to replace that; but it started working once it was added.
Facebook used to have a permission called publish_stream, publish_actions replaces it.
Quote from 18th July 2013.
I need implement a functionality in save/update function, of my customers system:
In each save/update, I need get this informations, and send to a Facebook Page (every the same Page).
But my problem is: this system is used by a lot users, and some users do not have a Facebook account, so: How can I post in same Page without login?
I know the offline_access are removed, so, what the best solution in this situation?
I don't find any way, to get the Page Access Token
I create some APP in my personal account of Facebook, but, when I try post in this Page, I get a access unauthorized for this user/app
Sorry for my english.
For you to post updates on to the Page's feed there are few things you would require
An User with administrative or content publishing permission to atuhorize your application with manage_pages Extended permissions. If you have implemented the login, you can add these permissions there, or alternatively you can use Graph Explorer with your application selected to get started.
After you have been authorized then you can retrieve the Page Access Token by querying /me/accounts which would return data as shown in this documentation. You can then utilize the access token you retrieve for the corresponding page to do your job of posting updates.
Writing details for everyone to understand it well -
I created a facebook application to generate a access token by that application id and secret key
I used that access token to get wall posts of ANY facebook page or profile or group using Graph API in my php website which is my aim
Now i want that any user can like or comment on a post of "facebook page wall posts" in my site which i showed in my site by graph api in section 2 above
I can comment on a post or like a post using Graph API call using my access token(with "publish_stream" permission) but if i try same for another user(logged in to fb) with my that access token then its not working.so it means i have to generate another access token for that user with "publish_stream" permission.Is that the way i have to do??
why i don't want it that if i write code to generate a access token with "publish_stream" permission for any user without "permission dialog of application" to let user know that they giving that permission then it may have a big security lick if hacker gets my code, he can do anything with that access token, he can even delete all user profile posts!!!! or posts!!!!! anything on behalf of user.
so what is the best way to do comment,like on a post of any page/profile/group outside of fb(i will use ajax call for that in website outside of facebook)....
footnote: my client want it too..so seriously want to do it.