I have an app that allows users to manage their Facebook Pages. I have done a section on my app where users can put posts on a queue and program them to be sent on the future. For example, a page administrator is going on vacation and prepares some posts to be sent while away.
This is done with a cron task that sends the posts when the scheduled time comes. The problem is that to write on a Page I need a Page Access Token and I can't get that with a App Access Token (or can't find how to do that).
Being a cron task there is no user interaction at all so I can't get neither an User Access Token nor a Page Access Token. The user has previously authorized a Facebook App with manage_pages and publish_stream permissions.
I've tried everything to exchange an App Access Token for a Page Access Token without success.
After struggling my mind and reading (almost) all the documentation on Facebook I came with an idea: maybe I could get the users Access Token when they prepare a post to be sent on the future and save it. The problem here is what would happen if the token expires or is invalidated.
Any help would be appreciated :D
What you are trying to do need offline_access which is deprecated which is now being replaced by Extended Expiry time Access Tokens.
Read : https://developers.facebook.com/roadmap/offline-access-removal/
You can just use the sample codes given on the documentation, and get an extended access token which you can then save to a database to be retrieved when the cron hits the time to fire the post.
Sample : https://developers.facebook.com/docs/howtos/login/server-side-login/
Related
As the title suggests im wondering how i could obtain a never expiring facebook user access token. Which i would need to create a page access token at a later date. I tried using their graph explorer tool but i could only make it go up to 2 months of expiry date and for my use case that wouldnt be ideal.
To shortly explain my use case, on our website im trying to implement a facebook sharing system where each user could share what they wanted i.e posts on their facebook page (we are not using facebook login and the user would just give acces from their own dev tool panel if thats the correct approach). I got this to work BUT only with a acces token that would expire in 2-3months. So a user having to re-authenicate with our service every 2-3 months isnt ideal and wouldnt really work for us. So is there a way i can refresh that token programtically or does the user have to give a new user access token every couple of months.
I have tried following this answer but with no luck Long Lived access token Facebook Page and many similar answers to this. There is also a suggestion that you should contact facebook if you want a never expiring access token which this user suggested Generate permanent access token Facebook API.
Now im wondering if it even is possible do that in 2021 and if there is anything i missed in regards how to generate said tokens or refresh them.
EDIT:
I used the following requests to get the extended access token.
https://graph.facebook.com/oauth/access_token?client_id=<your FB App ID >&client_secret=<your FB App secret>&grant_type=fb_exchange_token&fb_exchange_token=<your short-lived access token>
After i got the token i used
https://graph.facebook.com/me/accounts?access_token=<your long-lived access token>
to get the extended access token.
To get page access token that never expires, take the following steps:
Get user token
Make this token long-lived, e.g. by clicking "Extend access token" at the bottom of the page: https://developers.facebook.com/tools/debug/accesstoken/
Then, use this token to get page access token.
In Access Token Debugger the token will be marked as "Expires: never"
I'm building an application for an event so they can directly post their news messages on facebook. I'm trying to use de php SDK V4 for this but there are some parts of the login process I don't understand (still couldn't find a solution after searching for several hours).
My Problem is in the login process. First you have to specify which applicaton you are and give your application secret. Than you have to login to facebook with an account.
But which account should I use for that? The one of their event? Mine?
(I'm an admin of the events page) (this means that all messages will
be posted from mine account while i'm not the poster...sounds pretty
weird..)
Which method should I use to login into facebook? There is a veriaty of methonds like the FacebookRedirectLoginHelper(), the FacebookCanvasLoginHelper() or the Javascript one. However as far is I understand all these helpers for your users to login to their facebook accounts and that's not what I want.
During my search I found some an example of someone who is making a similar system (Facebook Graph API PHP SDK v4 - Post on Page). He/She uses the folowing piece of code for getting a facebook session:
FacebookSession::setDefaultApplication('{APP ID}','{APP SECRET}');
$session = new FacebookSession('{Page Access Token}');
This suggests that you don't need to login into facebook by user but only need a Page Acces Token. However if I understand it correctly (correct me if I'm wrong), to get a Page Acces Token, you first need an User Acces Token (https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens). To get an User Acces Token you should be logged in, and than we're back to question 1 and 2 in the beginning of my story.
Or can I just get a Page Acces Token using the following api request (according to https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens)
GET /{user-id}/accounts
Using a random user-id as long as the page admin gave this user permission to generate such a token (so the user related to "user-id" shouldn't be logged in while retrieving the Page Acces Token?) .
Sounds like you'll need to use the following flow:
Have the page admin log in with their Facebook account. Make sure to request the manage_pages extended permission. This will give you access to the pages they admin.
Once they grant access to your app, you'll get a short lived user access token. Exchange it for a long lived user access token.
Get the list of the user's pages with /me/accounts. Each page will have an access_token field returned with it. These are all page access tokens. We want to use a long lived user access token to get this list so that all the page access tokens returned will not have an expiration date. They live forever! :)
Use the page access token to post to the wall of the page if you want to post as that page. Use the user access token to post to the wall of the page if you want to post as that user.
And the Facebook Query Builder might make this whole process a lot easier. :)
Hope that helps!
I've searched a lot and I see that offline_access on fb is deprecated. So, I have a website hat needs to Post a photo at the Client's wall (Post at site and Facebook too), but I want to store the login data (via token or something like that), I read here that I can't store it.
There is another way to post on wall or my client will need to Post manually on his fb?
Edit: My website is in one server, the admin is in another server, I'll make a call from admin server to site in a page that stores login information (if it's possible) and post on his wall a photo.
Thanks
Note: I've searched a lot since yesterday I didn't found anything like that, if you have a similar post with the answer please let me know.
If you have the user's access token you can use that token to perform activities on his behalf.
But the point here is- this token expires in 2 hours. But, you can extend this token upto 60 days. But after that, user needs to visit your app again to get the normal token again and you can then refresh that token to extend its validity again.
You can read Expiration and Extending Tokens section in this doc: Access Tokens
(Just a suggestion) What you can do anytime user visits your app, extend it save on your server. So, the token wont expire until and unless user didn't visited your app for 60 days. And when you are close to 60 days send him some notification.
Firstly I am aware that there are a million questions similar to this, but they are all either out of date (Facebook has changed and the instructions no longer work) or don't explain how to do specifically what I am asking.
I'm trying to register an app on Facebook so that I can autopost to the company Facebook page, of which I am an admin.
I'm trying to do this via PHP, with which I have considerable experience (PHP, not Facebook API.)
So far I have registered as a Facebook developer, made a Facebook app, got the appID and secret word, and downloaded the facebook-php-sdk from Github. I have attempted to follow a couple of tutorials but the Facebook developer/app pages have all changed and so the intructions are now invalid.
All I want to do is to be able to post automatically to my page's wall from the server via PHP, as if I posted the status update myself as the page admin. I don't understand how or why this is so difficult.
The Facebook app page has a million settings that I've never heard of and don't seem to be related, then there is no information that gives any direction to do what I want to do.
This is about as far as I've got and I've hit a wall. No idea what to do next. Facebook keeps asking me "Select how your app integrates with Facebook" but their options don't appear to include what I want, which is just to post on my own page. I don't appear to actually be able to use the app yet, as there are various settings its insisting on, like "Canvas URL", which I do not understand, etc. and then I obviously need to set permissions, yet I see no way to do this either.
What do I do?
Setting up an app
You are going to need to authenticate the user who has at least content creator rights on your page. So you need to choose 'Website with Facebook Login' and enter your website url.
You'll also have to enter the domain (website url without protocol)
Keep it in sandbox mode while you test it you can edit that later.
You don't really have to worry about other settings as the permissions to ask can be added directly in your php code.
"Online" Access
To logging and post directly to facebook you'll need to retreive an access token
Getting an access token
Here is a basic run down:
Get user to login and allow app with appropriate permissions (manage_pages, publish_stream) if he hasn't
Retreive user access token
Query /me/accounts with user access token to get the page id & access token
Then all you have to do is make your API call with id & access token to post on facebook
"Offline" Access
In order to post without having to logging (usefull if you aren't the only one posting) you need a permanent extended token. So you basically should have a separate script that you'll run once to retrieve that extended token and store it.
Getting an extended access token
To be able to post without the user being logged in you need a permanent access token for your page.
Here is a basic run down:
Get user to allow app with appropriate permissions (manage_pages, publish_stream)
Retreive user access token
Change user access token for extended user access token
Here is how I do this step (you could also use curl)
$token_url = "https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUT_APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=OLD_TOKEN";
$accessToken = #file_get_contents($token_url);
Then
Query /me/accounts with user extended access token to get the page
Change page access token for extended access token (same code as
above)
(The last step shouldn't be necessary according to the doc as you should get an extended page token when you query /me/accounts with an extended user token but in my case it didn't work)
And you get a permanent access token that only expires if the user changes password or disallows the app. All you have to do is store it with the page's id and retreive it wherever you need an API call to post to facebook.
The php sdk is pretty well documented so you shouldn't run into any problem a google search can't fix. Look for post september 2012 threads the flow hasn't changed since neither did the php sdk much.
I need implement a functionality in save/update function, of my customers system:
In each save/update, I need get this informations, and send to a Facebook Page (every the same Page).
But my problem is: this system is used by a lot users, and some users do not have a Facebook account, so: How can I post in same Page without login?
I know the offline_access are removed, so, what the best solution in this situation?
I don't find any way, to get the Page Access Token
I create some APP in my personal account of Facebook, but, when I try post in this Page, I get a access unauthorized for this user/app
Sorry for my english.
For you to post updates on to the Page's feed there are few things you would require
An User with administrative or content publishing permission to atuhorize your application with manage_pages Extended permissions. If you have implemented the login, you can add these permissions there, or alternatively you can use Graph Explorer with your application selected to get started.
After you have been authorized then you can retrieve the Page Access Token by querying /me/accounts which would return data as shown in this documentation. You can then utilize the access token you retrieve for the corresponding page to do your job of posting updates.