I'm currently creating a server CLI application retrieving facebook Ads metrics through the Marketing API, it would be done as a long running service on the server doing so periodically without user input, but I can't seem to find a way to get a token for doing so.
All procedures to get an access token from facebook PHP Api seem to assume a user is there to login to facebook. I looked quickly to see if I could connect manually with curl but there is some js generated variables in the facebook login process, so that would complicate things.
Is there any way to get Marketing API insight with only an app id/secret ? Or is it possible to retrieve an access token without user input ?
The closest I've been is this :
Api::init(
'appID', // App ID
'APPSECRET',
"appid|appstring"// APP token
);
$campaign = new Campaign('campaignID');
$params = array(
'date_preset' => InsightsPresets::LAST_7_DAYS,
);
$insights = $campaign->getInsights([], $params);
print_r($insights);
But I get an error "Cannot determine the target object for this request. Currently supported objects include ad account, business account and associated objects."
Do you have access to Business Manager? You can generate a System User there which comes with a non-expiring token. See here.
With App ID and App Secret, you can only get an App Access Token. There is no relation to any User with that one, so there is no way for Facebook to know if you are allowed to have access to the Marketing API or Insights:
To access the Marketing API you need a user access token having the
permissions ads_management or ads_read
Source: https://developers.facebook.com/docs/marketing-api/quickstart#access-token
You can use and store an Extended User Token that is valid for 60 days.
More information about Tokens and how to extend them:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
Related
We are using the Oauth 1.0 authentication Flow with the Twitter API. This basically come down to this spec: http://oauth.net/core/1.0/#anchor9.
We created the app and started to get users. Later we implemented Signup with Twitter where now we require the users email address from the API. We asked Twitter and therequest was granted. It works, great.
Now we have an issue with existing users because those authorized the App before we had that Email permission and with their existing Access Token, Twitter doesn't give us that.
Twitter writes in their documentation (https://dev.twitter.com/rest/reference/get/account/verify_credentials)
Note
Your app will need to regenerate the user access tokens for previously authenticated users to access their email address.
How can this be done?
When we delete the corresponding data (token and secret) on our side and ask for new Auth it doesn't have any effect. Twitter always gives us the same token and secret again.. and with that in the account/verify_credentials call no email address.
The only way which we found works is when we log into Twitter and revoke access to the App. Then we get a new token and secret which gives us access to what we want.
But we don't want to tell that to our users but rather do this programatically utilizing the API. How?
Try to request a new/different permission from the users:
What if I want to request a different level of access for my
application instead of the one my application is registered with? You
can do this now by using the x_auth_access_type parameter during the
request_token phase. Using this parameter you can request a read or a
read/write token even if your application is registered for read/
write/direct messages.
More information on this method is in our developer documentation:
http://dev.twitter.com/oauth/reference/post/oauth/request_token
I have built a platform for my local young professionals organization with a PHP backend using Laravel. One of the newest initiatives I am wanting to take on is the integration of our marketing insights and for the board to take a quick look at our marketing efforts without needing to be directly in the software, such as our Piwik setup and FB page insights.
I have pulled the Open Graph/FB SDK and have configured some basic APIs to use in the software. I am wanting to make it so board members without admin access on the FB page can still see the insights. Is it possible to use an app access token to grab the insights? Do all of the board members viewing the PHP page need to be logged into FB with admin access to the page?
This is possible if you use a long-lived (eternal) Page Access Token.First, you'd have to get a User Access Token, for example via the Graph Explorer (https://developers.facebook.com/tools/explorer), with manage_pages and read_insights permissions.
Then, you need to exchange the returned short-lived User Access Token with a long-lived one. Next, request /me/accounts with the long-lived User Access Token and fetch the eternal Page Access Token from the result. Store it your application for further use.
You can check the Access Token with
https://developers.facebook.com/tools/debug/
Have a look at
https://developers.facebook.com/docs/facebook-login/access-tokens#pagetokens
https://developers.facebook.com/docs/facebook-login/access-tokens#extending
https://developers.facebook.com/docs/graph-api/reference/v2.2/page/insights/
https://developers.facebook.com/docs/graph-api/reference/v2.2/insights/
I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated.
What I want to do is to allow users to interact with calendars of a single account known by the server.
Each type of scenario covered in the OAuth 2.0 docs talks about "user consent" which involves a login form and the individual user logging in, but I want the server itself to authenticate directly and obtain an access token for itself.
Is there some part of OAuth or some alternative mechanism I can use to do this?
In order to do this, you must go through the steps for user consent and then copy the access tokens it gives you into the PHP code.
The usual procedure for OAuth is like this:
Send user to authentication page.
User comes back with $_GET['code']
Send $_GET['code'] to OAuth server for a token
Store token in database for the user (or session, if it's very short lived)
But when doing it with a single calendar like this, you modify step 4. Instead, you dump the token to screen and copy it into your PHP file as variables, instead of putting it in the database. Then when you go to pass the access token to the server, you just pass the known, static token rather than a dynamic token from the database / session.
See mathewh's answer here:
How to automate login to Google API to get OAuth 2.0 token to access known user account
The lightbulb for me is when you get the access token you get a refresh_token as well... you use this token to "refresh" your access token once it expires.
There is no way around a manual authorization step the first time.
I am using the Facebook PHP SDK in a server-side API which is used by several mobile apps (iOS & Android) and a website to read/write data to the database.
I cannot see any reason why the web version will not work because the sessions set by Facebook can be read from the browser via the SDK.
So if I am using:
$facebook = new Facebook(array(
'appId' => 'xx',
'secret' => 'xx',
));
// Get User ID
$user_id = $facebook->getUser();
And the $user_id is set, then I can get the user information for the logged in user. This means that when I am saving, updating or getting records from the database they are guaranteed to only be for the logged in user and cannot be spoofed.
How to securely communicate from mobile web app to server using Facebook PHP SDK
So, how would this be replicated for a mobile application? How can the mobile application use the API and prove that the Facebook ID it wants to modify is logged in and authorised on Facebook?
If I understand correctly, you have a user logged in on your mobile app and you want to access stored data on your server. (Or maybe the other way around, can't really tell from your question).
Aside from the custom authentication solutions you can use, have you considered passing the facebook access token instead of the id as a simpler solution. The access token expires, it's not public and you can easily exchange it for an id from facebook or parse the token itself. Here is an example solution:
How to get the Facebook user id using the access token
You can also validate the user on the server or client side easily with the token. I haven't used this solution with mobile apps, but have used something similar for multisite apps. Good luck
According to the instruction given here searching public information (as https://graph.facebook.com/search?q=QUERY&type=OBJECT_TYPE) needs to have a valid access token. As I know access token is when a user authorized an apps to access his information; but this is searing the public information. How to get an apps access token to search public information?
In that page, facebook automatically add my access token to the link as
https://graph.facebook.com/search?q=watermelon&type=post&access_token=MY_ACCESS_TOKEN
I created an access token by my apps as https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=SECRET_ID&grant_type=client_credentials
When I use the generated access token in url https://graph.facebook.com/search?q=watermelon&type=post&access_token=GENERATED_ACCESS_TOKEN, it gives an error
{
"error": {
"message": "A user access token is required to request this resource.",
"type": "OAuthException"
}
}
How can I generate access token by my apps?
Or do I need to generate access token by own user account? if yes, how?
Since it is searching public profile, facebook should not need authorization on every search, can I generate a permanent access token to perform different searches?
The Graph API Search interface has changes pending with the Q3 2013 migration.
The following change will go into effect on July 10, 2013:
Graph API search changes
App access tokens will be required for all search Graph API calls except Places and Pages. Search for application will no longer be supported.
https://developers.facebook.com/blog/post/2013/04/03/platform-updates--operation-developer-love/
For searching the facebook graph API using
http://graph.facebook.com/search?q=watermelon&type=post
you need a valid user access token. A user access token is different from App Access token. A user access token is created when a user authenticates your app with different access permissions which is generally close to 212 letters long.
A changes was made in the graph API in July,2013 whereby you will need to have a valid user access token to search for users and posts. The user access token could be generated by you yourself authenticating your app and generating an user access token for your app.
But the question remains, How should we generate a user app token for our apps without making other users to authenticate our apps?
The access token you are requesting looks like an 'application' access token. This token differs from a 'user' or 'page' access token and is used for different things.
https://developers.facebook.com/docs/howtos/login/login-as-app/
This can be used to modify the parameters of your App, create and
manage test users, or read your application's insights for example.
App access tokens can also be used to publish content to Facebook on
behalf of a person who has granted a publishing permission to your
application.
Depending on what you are trying to actually do, an application token might be the wrong form of OAuth. Your example (searching for public posts with the term watermelon) doesn't require an OAuth token, so you're obviously trying a different type of graph search. Without saying what you're actually trying to access, it's impossible to actually advise you correctly.
However, I'm going to guess that you're trying to get access to graph objects that require permissions from a specific user. If that's the case, then you need to get permissions from that user first, by requesting the scope of permissions that you require.
Process of gaining user OAuth Access Token (https://developers.facebook.com/docs/reference/dialogs/oauth/)
Possible Permissions (scope) that can be requested (https://developers.facebook.com/docs/reference/login/)
This will give you a short term access token for that user, which will allow you to anything within the scope of permissions for which you've requested permission.
This token will only last for a short period after the user has logged into your app. It can also be promoted to a longer term access token
https://developers.facebook.com/docs/howtos/login/extending-tokens/
You don't need to pass any token to search in public information (unless you want to search in user's context). Just make a call to the following url and see the URL. Please mark that I have used http instead of https.
http://graph.facebook.com/search?q=watermelon&type=post
But to make my answer more clear - with properly granted access_token I can make a call to the https version of the above url (https version requires an access token) and it just works fine without any problem.
If you are searching programatically and the search URL will never be visible to the end user you can use this instead:
&access_token=app_id|app_secret
More about this here: https://developers.facebook.com/docs/facebook-login/access-tokens/