I'm trying to create test users for my Facebook application. They announced this functionality in this blog post in November (http://developers.facebook.com/blog/post/429) and it is documented here (http://developers.facebook.com/docs/test_users/). I could not find the answer to this elsewhere...
According to the documentation, "You can create a test user associated with a particular application using the Graph API with the application access token." This links to the section "Autenticating as an Application" and describes this CURL script:
curl -F grant_type=client_credentials \
-F client_id=your_app_id \
-F client_secret=your_app_secret \
https://graph.facebook.com/oauth/access_token
So far, so good. I ran this and get the following:
access_token=1182...18|nTI...r5Q
So now I want to POST this token to the graph api test user URL:
POST /1182...18/accounts/test-users?installed=true&permissions=read_stream&access_token=1182...18|nTI...r5Q
When I do this (both using the Facebook PHP SDK and just typing it into the browser) I get:
{
"error": {
"type": "OAuthException",
"message": "Invalid OAuth access token."
}
}
So the questions are:
Why am I getting this error message?
Am I using the wrong access token (despite Facebook explicitly telling me to use this one?)
Do I need to parse the access token somehow?
Thank you for your help.
Here is some working code that will allow you to create a test user with the PHP SDK.
Ensure your access token is properly urlencoded when passing back to facebook.
I was getting this error until I removed some parameters from example code I saw floating around. Here is an example in python using requests that I finally managed to get working:
# Get the access token
resp = requests.get(
'https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id={app_id}&client_secret={app_secret}'.format(
app_id=APP_ID, # Your app id (found in admin console)
app_secret=APP_SECRET # Your app secret (found in admin console)
)
)
# Parse the token
token = resp.content.split('=')[-1]
# Create the user
data = {'access_token': str(token)}
resp = requests.post(
'https://graph.facebook.com/{app_id}/accounts/test-users?installed=true'.format(
app_id=APP_ID
),
data=data
)
print resp.content
Related
I am trying to post to a Facebook account (with permissions) using the PHP
API. I am giving our users two options - posting to the Feed, and posting
to a specific facebook page. I am getting an error in the first case, but
not in the second case. In the code below:
$access_token is the access token I got back from linking to my app. It's of type
"User", and has the following permissions:
email
pages_show_list
business_management
pages_read_engagement
pages_manage_metadata
pages_read_user_content
pages_manage_ads
pages_manage_posts
pages_manage_engagement
public_profile
Where $page_token is, well, a "Page" type token, with the same set of permissions.
When I post to the page, it works fine. But when I try to post to the timeline, I get
the error:
Graph Error 200 : [Timeline]: [(#200) If posting to a group, requires app being
installed in the group, and either publish_to_groups permission with user token,
or both pages_read_engagement and pages_manage_posts permission with page token;
If posting to a page, requires both pages_read_engagement and pages_manage_posts
as an admin with sufficient administrative permission]
I'm not trying to post to a group, I'm posting to an account's timeline. And, per the
access token debugger, I have the permissions requested anyway. What's going on?
My code is below:
$linkData = [
'link' => $link_to_post,
'appsecret_proof' => $app_secret_proof
];
if ( POSTING TO TIMELINE )
{
$token = $access_token;
$post_to = "/me/feed";
}
else
{
$page_id = $page_id;
$token = $page_token;
$post_to = "/$page_id/feed";
}
// THIS THROWS THE EXCEPTION:
$response = $this->fb->post($post_to, $linkData, $token);
You can not post to a personal timeline via API any more, that was removed ages ago already. (With introduction of API v2.4, if I remember correctly.)
You can only use the Share or the Feed dialog, to offer the user a way to actively share / make a post themselves, https://developers.facebook.com/docs/sharing/web
can somebody tell me please how can I get images from my own Instagram via PHP? I have login name, password, app id, app secret. IG changed the api so all the documentation including how to get access token does not work. I have this peace of code:
$fb = new \Facebook\Facebook([
'app_id' => self::APP_ID_IG,
'app_secret' => self::APP_SECRET_IG,
'default_graph_version' => 'v2.10',
]);
// This return string which creates access token as "app_id value|app_secret value"
$token = $fb->getApp()->getAccessToken();
// This line throws me an error:
// Error validating application. Cannot get application info due to a system error.
$response = $fb->get('https://graph.instagram.com/me/media?fields=media_url,media_type', $token->getValue());
I am lost in it. Thanks for help.
You should take a look at the Instagram's Media API
This endpoint should work to query the user's media: GET /{ig-user-id}/media giving you a list of media ids:
{
"data": [
{
"id": "17895695668004550"
},
{
"id": "17899305451014820"
},
{
"id": "17896450804038745"
},
{
"id": "17881042411086627"
},
{
"id": "17869102915168123"
}
]
}
After that, I think you sould use the graph API to get the image URL of each media id.
I created a vuejs adaption a while back, maybe this code structure snippet helps you since I don't have time right now to translate it into php, it is written in javascript but the API requests remain the same (just use curl instead of axios): https://gitlab.com/-/snippets/1957175
General steps:
Get your authorization code either via a Login Window or via a facebook app (described below)
Transform it into a shortterm access token
curl --request POST \
--url 'https://api.instagram.com/oauth/access_token?grant_type=authorization_code&client_id=[CLIENT_ID_HERE]&client_secret=[CLIENT_SECRET_HERE]&redirect_uri=[REDIRECT_URI_HERE]&code=[AUTHORIZATION_CODE_HERE]' \
--header 'Content-Type: multipart/form-data' \
--form client_id=[CLIENT_ID_HERE] \
--form client_secret=[CLIENT_SECRET_HERE] \
--form code=[AUTHORIZATION_CODE_HERE] \
--form grant_type=authorization_code \
--form redirect_uri=https://[REDIRECT_URI_HERE]/
Transform that into a longterm access token
GET https://graph.instagram.com/access_token?grant_type=ig_exchange_token&access_token=[SHORTTERM_ACCESS_TOKEN_HERE]&client_secret=[CLIENT_SECRET_HERE]
Query the Media Graph endpoint with the URL from my snippet using the longterm access token as authorization.
Refresh that longterm access token every 60 days (see my answer on the topic on Github here). You could totally automate that step via for example via CRON.
GET https://graph.instagram.com/refresh_access_token?grant_type=ig_refresh_token&access_token=[OLD_ACCESS_TOKEN_HERE]
For more info about which field to add to the query check the official facebook documentation
Getting an authorization code via a facebook app:
Log into your facebook developer account
Create a new Application
Under products, add Instagram Basic Display and fill out all necessary fields
Within the section Basic Display of the Instagram Basic Display product you will find your App ID and Secret
Below that you can enter your redirect_uri
Finally below that is the User Token Generator which you can use to
[...]quickly generate long-lived Instagram User Access Tokens for any of your public Instagram accounts. This is useful if you [...] don’t want to bother with implementing the Authorization Window [...] See Instagram Basic Display API Docs
Continue with 3. of General Steps
My auth URL:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={{app_client_id}}&scope=User.Read Sites.Read.All files.read files.read.all files.readwrite files.readwrite.all offline_access&response_type=code&redirect_uri=https://yourdomain/sharepoint-response
Using that URL, I get this response code
POST : https://login.microsoftonline.com/common/oauth2/token
body : "client_id="{{app_client_id}}"&redirect_uri="https://yourdomain/sharepoint-response"&client_secret="{{app_client_secret}}"&code="{{code from above url}}"&grant_type=authorization_code";
getting token
Then I follow all steps from https://learn.microsoft.com/en-us/sharepoint/dev/apis/webhooks/lists/create-subscription
Now I get:
"error_description" => "Invalid issuer or signature."
If you are using Azure AD try replacing grant_type=authorization_code with grant_type=client_credentials in the URL when you call the SharePoint API.
I needed the client_credentials grant_type because I'm using an Azure AD Application with Sites.Manage.All API permission which always needs client_credentials because it's an application type permission and not a delegated type.
If you want to use user login you will need to set delegated permissions.
I want to publish feeds on the Facebook Page by API. I have followed the facebook documentation creating app in the facebook developer. Before I have registered a account facebook (example: test_account) and after that I have created the page for the business activity (example: test_page) where the manage admin is "test_account".
I have gone to the API by Graph API Explorer
https://developers.facebook.com/tools/explorer
I have granted the "publish_actions" and taken the access token generated by interface tool as followed image
After that I have tried the call POST request to test the publish feeds on the page facebook (test_page) by
https://graph.facebook.com/{id_page_business}/feed?message=test_message&access_token={access_token_APP}
and I have received the new ID_feed and I have seen the feed on facebook page and OK, but the access token the day after was expired. How can I have the access token that don't expired ?
I have tried another solution to obtain the access token from the call GET request (as documentation)
(STEP 1)
so I have obtained access token associated to the APP (see below)
access_token={APP_ID}|xxxxxxxxxxxxxxxxxxxxxjw
(STEP 2) I have sended call GET request
https://graph.facebook.com/{APP_ID}/accounts?access_token=APP_ID}|xxxxxxxxxxxxxxxxxxxxxjw
and I have obtained the followed response:
{
data: [1]
0: {
id: "xxxxxxxx"
login_url: "https://developers.facebook.com/checkpoint/test-user-login /132173517148280/"
access_token: "123456........"
}
paging: {
cursors: {
before: "yMTczNTE3MTQ4Mjgw"
after: "yMTczNTE3MTQ4Mjgw"
}
}
}
(STEP 3) So I have tried the call POST request to publish the feed on the facebook page with the last access token (123456........) and I have received
{
id: "1256xxxxxx_133346xxxxxx"
}
but in the page business I don't see the feed... WHY?
IMPORTANT:I have noticed if I call the request GET API to obtain all feeds page (https://graph.facebook.com/ID_PAGE/feed?access_token=CAAPG1DFdxrs...........) I can see the feeds published, but into the facebook interface timeline I don't see the feed.
I have noticed that the feed publish by API return:
message: "test"
created_time: "2015-11-29T16:39:44+0000"
id: "APP_ID_138999329797136"
The second part the id is different respect when I publish the feed with access token get from the API Graph.
You need to have extended token on page access token to post on the page. App access token will provide you all read access to the page but will not allow you to post.
Below steps must help -
Get the page access token using -
https://graph.facebook.com/{APP_ID}/accounts?access_token={APP_ID}|xxxxxxxxxxxx
Using the page access token obtain the extended token, below is how I had implemented using VB.NET
Dim parameters As Object = New ExpandoObject()
parameters.client_id = FB_APP_ID
parameters.client_secret = FB_APP_SECRET
parameters.grant_type = "fb_exchange_token"
parameters.fb_exchange_token = short_token 'FBClient.AccessToken
Dim result As Object = FBClient.Get("oauth/access_token", parameters)
Use this extended token to post on page. It worked for me, hope it helps you.
I am working with Github now.How can i suppose to get the "OAuth token" for github login user.Now i have the Data like client_id,Client Secret,access_toke(these all data getting after login to github only).how can i get the OAuth token through the above data.
I got oauth toke through command line like:
[root#localhost Dinesh]# curl -u 'DineshGK' -d '{"scopes":["repo"],"note":"Help example"}' https://api.github.com/authorizationsEnter host password for user 'DineshGK':
[root#localhost Dinesh]# curl https://api.github.com/authorizations --user "DineshGK" --data '{"scopes":["user"], "client_id":"...", "client_secret":"..."}'
Enter host password for user 'DineshGK':
{
"id": 2300973,
"url": "https://api.github.com/authorizations/2300973",
"app": {
"name": "SenchaPlayground",
"url": "http://192.168.1.56/OldPlayground/"
},
****"token": "..."**,**
"note": null,
"note_url": null,
"created_at": "2013-04-16T07:34:21Z",
"updated_at": "2013-04-16T07:34:21Z",
"scopes": [
"user"
]
}
I want that Highlighted token pragmatically(using JS/PHP)..
Can any one help...
Thanks in advance ....
Please edit your question to remove your "client_id", and the token returned. Also, please go to your app settings and get a new "client_secret". None of that information should ever be made public to ANYONE.
Now, if your intent is to use cURL from JavaScript or PHP, you're going to have a very bad time. I would look into the how to make HTTP/1.1 requests in each and check out some of the existing libraries for either PHP or JavaScript that wrap the API for you. With those in hand (having never used any of them in all candor) you should probably receive something akin to a Hash or some other data structure to be able to retrieve that information. If you read their documentation you'll do a lot better than someone telling you what to do who has never used any of those libraries.
You can't completely automate this process, the user must be involved to manually grant access to your application. That said, Temboo simplifies the OAuth process for GitHub by breaking it into two steps:
Generate an authorization URL that you can display to your user. This allows the user to authorize you to use their GitHub account. The first step also generates the callback URL you'll need for the second step of the process.
Retrieve an access token once the user has granted access to your application.
Full details on how Temboo simplifies GitHub OAuth (using PHP) can be found here.
(Full disclosure: I work at Temboo)