I am developing the application by Facebook PHP SDK.
If a user uninstalls this application from the Facebook page, I'm going to delete related data from my app. Is there any way of recognizing uninstallation of an application by PHP?
From the docs on authentication:
App Deauthorization
When a user of your app removes it in the App Dashboard or blocks the
app in the News Feed, your app can be notified by specifying a
Deauthorize Callback URL in the Developer App. During app removal we
will send an HTTP POST request containing a single parameter,
signed_request, which contains the user id (UID) of the user that just
removed your app. You will not receive an user access token in this
request and all existing user access tokens will be automatically
expired.
You can access updates about your app using Facebook Realtime Updates. These are webhooks - urls you provide on your server - which facebook POSTs information to when various actions happen, such as the user uninstalling your app.
Related
I am creating an application which aims at automatically creating Spotify Playlists in a central Spotify account (not the account of the end users).
I have set up this account and created the developer app for the secret and the client_id.
On the backend side, I am using PHP to authorize this central user, and it is working as long as I am logged in myself with that account.
Users that visit my website should be able to create playlists via that interface through the Spotify Web API without the need to authorize their account nor being logged in at all.
If I'm trying to open the same page on a separate device (without having any account logged in), it just gives me the following error:
User not registered in the Developer Dashboard
Is it somehow possible to perform this authorization process only on the backend side without the need for the user to authorize it?
Eventually, I want to send the playlist URL created in the central Spotify Account to the user who can open it in their own app or share with others, if they want to.
I try to avoid that multiple users must authorize for my app, since I don't need to access personal information from their account, anyways.
I used the 3-step process for authorization as described in this Stackoverflow Post: Spotify oauth2 with PHP curl. How to get authorization code?
If necessary, I will provide more information.
Do you have any idea, how I can implement this authorization process for the single account on the backend side, without the user even showing any authorization process of the Spotify Web API at all?
EDIT1: I am not trying to login on the behalf of my users, just automatically for my own account without the interactive login with Spotify. Is that even possible?
I received valuable feedback from the Spotify Developer Community that helped me finding a solution to the problem.
When you let the central Spotify account login to your app, you'll [get] an access_token (that will expire in 1 hour) and a refresh_token.
When the access_token of that account expires, let your server send a POST request to the Accounts service /api/token endpoint, but use the refresh_token in place of the access_token.
A new access_token will be returned.
A new refresh_token might be returned too. (I don't think that's even needed)
You can read more about it here.
I have a webservice created in PHP/MySQL. I have also created a simple RESTful API for the webservice and what I want is, to create an iOS app (in SWIFT).
What I need is a system for users to login via the iOS app.
If the user, successfully logs in via a web browser, a session starts so it keeps the user authenticated and logged in.
If the user logs in via the iOS app, I know how to validate the user (check email/password) by making a call to my API but I have no idea how I should handle the next step after a successful login. What should be the corresponding "session" for the iOS app?
Please note that I don't want to validate a user via google, facebook or whatever, I only want to validate a user against my database.
Two possible solutions that I have read about are oauth and JWT but their purpose is not clear to me. Especially oauth looks like I should use it if I want users to login to my service via google, fb, etc.
I am trying to connect to the Facebook Graph API using the PHP SDK and view recent posts of a business account. BTW: I know there is a widget available for this task, but due to speed constraints, I would rather access the API and cache the response myself.
So I used my personal account to sign up at developers.facebook.com, created an app and obtained an AppId and AppSecret. My question relates to obtaining an access token for use with the graph API using the PHP SDK.
The examples on the getting started page shows how to obtain an access token by manually clicking a link and receiving a callback to my website. I am not creating a public app as such, I don’t want a manual login because my script will be run periodically by the server.
In any case if I click the Log in with Facebook! link, I get the following message which I don't understand:
The Twitter API provides automatic authentication but I cannot understand how to impliment this using Facebook. Can anyone point me in the right direction?
For my web application - I need to fetch all the data for a particular facebook page. What kind of permissions do I need. Do I really need to create a canvas app for it?
I dont intend to do anything on FB - but use some of the data available to arrive at some conclusions in my web based application which will be hosted on a server outside of FB.
Facebook's API documents should provide everything you need:
https://developers.facebook.com/docs/graph-api/reference/v2.1/page
According to the permissions section, you'll need either an App token or a User token. Since you're talking server-to-server (I'm assuming this is server-to-server on account of the PHP tag), you're going to want to use an App token:
https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
You should be able to create a Facebook App from within your Facebook account, which will provide you with an App ID and App Secret. You can use those to make calls directly to the API.
I have a facebook app and I have also created a page for that app and I have linked them together. Now using apps key and secret I want to get that page's access token in my php code without login (script runs in cron). Logically authentication should be unnecessary since since I need app admin permission and admin permissions on the page side in order to link them together. Is there a way to ask for the pages linked to the app?