i have a task to automatically post from my site on users wall they are logged in the same browser once giving all the permissions it should never ask again for giving permissions means all the next post should be posted automatically on that users wall. can anyone help me ?
Rquire a stream_publish permission (for example with redirect) and do a graph api call of type post to /me/feed/ by PHP Facebook API.
After receiving permission you shuld exchange your access token to long-lived access token which will be fine for about 60 days.
Related
I'm building an application for an event so they can directly post their news messages on facebook. I'm trying to use de php SDK V4 for this but there are some parts of the login process I don't understand (still couldn't find a solution after searching for several hours).
My Problem is in the login process. First you have to specify which applicaton you are and give your application secret. Than you have to login to facebook with an account.
But which account should I use for that? The one of their event? Mine?
(I'm an admin of the events page) (this means that all messages will
be posted from mine account while i'm not the poster...sounds pretty
weird..)
Which method should I use to login into facebook? There is a veriaty of methonds like the FacebookRedirectLoginHelper(), the FacebookCanvasLoginHelper() or the Javascript one. However as far is I understand all these helpers for your users to login to their facebook accounts and that's not what I want.
During my search I found some an example of someone who is making a similar system (Facebook Graph API PHP SDK v4 - Post on Page). He/She uses the folowing piece of code for getting a facebook session:
FacebookSession::setDefaultApplication('{APP ID}','{APP SECRET}');
$session = new FacebookSession('{Page Access Token}');
This suggests that you don't need to login into facebook by user but only need a Page Acces Token. However if I understand it correctly (correct me if I'm wrong), to get a Page Acces Token, you first need an User Acces Token (https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens). To get an User Acces Token you should be logged in, and than we're back to question 1 and 2 in the beginning of my story.
Or can I just get a Page Acces Token using the following api request (according to https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens)
GET /{user-id}/accounts
Using a random user-id as long as the page admin gave this user permission to generate such a token (so the user related to "user-id" shouldn't be logged in while retrieving the Page Acces Token?) .
Sounds like you'll need to use the following flow:
Have the page admin log in with their Facebook account. Make sure to request the manage_pages extended permission. This will give you access to the pages they admin.
Once they grant access to your app, you'll get a short lived user access token. Exchange it for a long lived user access token.
Get the list of the user's pages with /me/accounts. Each page will have an access_token field returned with it. These are all page access tokens. We want to use a long lived user access token to get this list so that all the page access tokens returned will not have an expiration date. They live forever! :)
Use the page access token to post to the wall of the page if you want to post as that page. Use the user access token to post to the wall of the page if you want to post as that user.
And the Facebook Query Builder might make this whole process a lot easier. :)
Hope that helps!
I have an applicatoin that gets the birthday of the users threw a form and than it's supposed to write on there wall on there birthday.
Is this possible? even if they visit the app today and there birthday is in 200 days? Because I know the token only lasts 60 days and I want to post with there fb profile.
If I try to post the message on my fan page (where I can get a token that lasts forever) and tag them it doesn't work, because facebook doesn't allow tagging threw the api, you have any suggestions how can I achieve this?
For posting a feed on the user's wall, you can use the APP Access Token instead of the extended user token you are saving.
App Access Token
Facebook removed the offline_access permission a couple of years back:
https://developers.facebook.com/docs/roadmap/completed-changes/offline-access-removal/
"Note: The user must access your application before you're able to get a valid "authorization Code" to be able to make the server-side OAuth call again. Apps will not be able to setup a background/cron job that tries to automatically extend the expiration time, because the "authorization code" is short-lived and will have expired."
Basically you need an Authorization code to get a new token, and you can only get that if the user actively uses your app.
I have an app that allows users to manage their Facebook Pages. I have done a section on my app where users can put posts on a queue and program them to be sent on the future. For example, a page administrator is going on vacation and prepares some posts to be sent while away.
This is done with a cron task that sends the posts when the scheduled time comes. The problem is that to write on a Page I need a Page Access Token and I can't get that with a App Access Token (or can't find how to do that).
Being a cron task there is no user interaction at all so I can't get neither an User Access Token nor a Page Access Token. The user has previously authorized a Facebook App with manage_pages and publish_stream permissions.
I've tried everything to exchange an App Access Token for a Page Access Token without success.
After struggling my mind and reading (almost) all the documentation on Facebook I came with an idea: maybe I could get the users Access Token when they prepare a post to be sent on the future and save it. The problem here is what would happen if the token expires or is invalidated.
Any help would be appreciated :D
What you are trying to do need offline_access which is deprecated which is now being replaced by Extended Expiry time Access Tokens.
Read : https://developers.facebook.com/roadmap/offline-access-removal/
You can just use the sample codes given on the documentation, and get an extended access token which you can then save to a database to be retrieved when the cron hits the time to fire the post.
Sample : https://developers.facebook.com/docs/howtos/login/server-side-login/
I'm trying to make a small bot with my facebook app.
I've an Facebook app, people registered to my app through facebook.
I want my bot to check every day checkins of my users (launch with scheduler like cron)
since the bot is not accessed by a user, is there any way to retrieve access token for a user to get checkins information? via graph api?
I read that access_token expires, event offline_token can not be used forever.
I have tried to store fb_uid and user code generated when registering, but that is not working...
This is where offline_access rights are for. You can test this by using the token debugger. Just get a token with offline_access and you will see that the token won't ever expire. Until off course the rights are revoked by the user.
I have a facebook app which can post to the wall of a page by using the administrators 'publish_stream" permission. However I don't want to have the ability to post all over a user's wall, only the pages they control.
Since this is being done automatically I will need a permanent token (offline_access) and obviously the publish_stream permission. But I'm unsure how to request this.
I have seen some applications, like the notes app in pages which have a setting for allow this app to post on wall. This would be easier, but otherwise does anyone know how I can request publish_stream permission for a page via the graph api?
For example, this is the request I use to get the user authorization code before requesting a token. I can't find an equivalent to request authorization for a page though.
https://www.facebook.com/dialog/oauth?
client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream
You can't get permission to access only a page's wall / news feed without access to the user's also. If you're worried about "accidentally" posting to the user's wall and not to the page, you can make sure you use the access_token provided in the /me/accounts endpoint for your user.
So, your choices are pretty limited here if you want to use the offline_access permission to post to a pages wall. Limited, as in, you need to have publish_stream and manage_pages permissions.