I am having a scenario within our iPhone App where people post things on their Facebook wall through our App. User's signup to our App. At a certain action, they post something on their Facebook wall and we want to track if this post will still exist after a certain time.
Once they signup to our App, they will either select as "Public" or "Friends" when they download our App. Is it possible to track from our end whether a certain post still exist or not?
Is there anything on the Facebook account settings as a user to disallow this to check?
When you post a feed, a post-id in returned in response. You can make a call using Graph API: \GET /{post-id}. If the post still exists, it'll return you all the details of the post but if not it will return the error in the response.
But, according to the documentation of /user/feed,
A user access token with read_stream permission is required.
Now this will make the things a bit complicated. Since a user token is valid for only few hours, you have to extend it (validity: 60days) and save it at your end. Also, read_stream perms is required.
To know more about extending the token and refreshing it again, see the "Expiration and Extending Tokens" section here: Access Tokens.
Related
I am trying to determine if page access tokens used with the messenger api are permanent. Seeing this code in one of their examples, which indicates to me that they are using the token as a constant value :
access_token: PAGE_ACCESS_TOKEN
I get the Page Access Token shown on my facebook app dashboard in this way:
I log into facebook, go to developer.facebook.com, select my messenger app, then on the dashboard go to Products > Messenger > Settings and can select my page and then get a token.
Can I put that value in a properties file and then use it indefinitely with my application when getting/sending messages to and from the page?
I am getting a bit confused regarding the documentation around other tokens, like user tokens and login tokens vs. page tokens.
Editing to add that I am using the page access token in order to make a POST request to this url : https://graph.facebook.com/v2.6/me/messages in order to reply to a message sent to my page by a user.
I believe I have solved this and wanted to post in case anyone else had the same confusion.
I assumed I needed to make a GET request to a facebook url in my code to get a new token before each Request to GET or POST to the messenger API. Using the information in the links above, I learned how to get an extended token here:
https://developers.facebook.com/tools/explorer/<my app id here>?method=GET&path=me%2Faccounts&version=v2.10
I then can use that ID indefinitely as it is supposed to not expire. I am going to assume it is OK to put this id into my properties file, if anyone has opinions on a better place to store this token value I would be interested.
Extended Page Tokens are valid forever.
You need to use a User Token, extend the User Token and then get an Extended Page Token with the Extended User Token.
More information:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/
Objective -C / iOS
I will use follow api of instagram .
set URL :https://api.instagram.com/v1/users/{userid}/relationship?access_token={access_token}
parameter string is "action=follow" ,and data sending way of post
But , it doesn't works. I received error.
meta = {
code = 400;
"error_message" = "This request requires scope=relationships, but this access token is not authorized with this scope. The user must re-authorize your application with scope=relationships to be granted write permissions.";
"error_type" = OAuthPermissionsException;
};
When i use login api of instagram , scope = relationships+likes ... data sended
How to use instagram follow api in iOS.
Instagram changed its API guidelines since mid April, 2015.
https://help.instagram.com/contact/185819881608116
The OAuth 2.0 specification allows you to specify the scope of the access you are requesting from the user. All apps have basic read access by default, but if you plan on asking for extended access such as liking, commenting, or managing friendships, you need to specify these scopes in your authorization request. Note that in order to use these extended permissions, first you need to submit your app for review. For more information on how to submit your app for review, please check out the documentation of the endpoint that you plan to use.
Hence you need to get your app reviewed by instagram first to use these extended permissions such as Likes, Comments and Relationships.
As stated in the error that you're getting, you need to have a certain permission for you to be able to perform a "follow" action. You can't just follow another account on a user's behalf without getting the proper permission first in the authentication process.
When calling the authorize api you can add a parameter called scope which specifies the permission level that your app is requesting. For example: scope=basic+relationships will allow you to read all basic user data and also follow and unfollow accounts on a user’s behalf.
This is a post request. To make post request to InstagramAPI you need to submit your application details and company details to Instagram for review. Maybe other relationship endpoints will work fine without submitting your app. Even though you are adding scope as scope=likes+relationships+comments, instagram will give you basic permissions only. For more details visit the following link https://instagram.com/developer/endpoints/relationships/#post_relationship
Is there an alternative to allowing the permissions of some sort rather then 'read_stream' permission in Facebook, for a user to read or an app pull their Facebook feed or home feed?
It's very hard, if at all, for Facebook to approve the 'read_stream' permission, so I'm looking for an alternative steps to still allow for our users to pull their favorite stories in our rails app. Any suggestions?
There is no alternative. You can use user_status to get the status posts of the authorized user with /me/statuses.
Btw, it´s not only "hard" to get read_stream approved, it´s nearly impossible ;) - but for very good reasons. Apps should not get access to posts of users who did not even authorize the App.
edit: There is also user_posts now, as replacement for read_stream: https://developers.facebook.com/docs/apps/changelog#v2_3_new_features
Did some investigation. And it is possible.
Instead of the feed you need to access the endpoint /me/posts
This API is accessible with either read_stream or user_posts permission.
https://developers.facebook.com/docs/facebook-login/permissions/v2.3#reference-user_posts
See here for more information:
https://developers.facebook.com/docs/graph-api/reference/v2.3/user/feed
It is quite hidden, but if you know where to look you can find the docs.
I have an iOS app which posts to Facebook on behalf of the user logged in through the iOS Facebook setting.
Two problems -
the posts are marked private, the users friends don't see them.
The iOS app want to be able to harvest Like and Comment info but I get back a 400 from FB.
Here's the wrinkle, my Facebook account works perfectly (posts are visible to friends and I can get the Like and Comment info), but a test user account will post only as private and the iOS app gets a 400 when trying to get post info.
The attached screen shots show the different permissions (top for tester, bottom for me) but I can figure out what to ask Facebook for at login to get the same permissions for both users. Currently I'm asking for publish_actions and user_status.
Any help would be much appreciated!
You need to make sure you are asking for public_profile also you need to make sure you split your permission access into two pieces, as per FB, 1) read 2) write
Just follow the login process on the Facebook Dev page, this will allow you to outline your permissions the right way. Also make sure your test user is added into the groups on your Facebook Dev portal.
Also can you provide any code of what you have tried?
Turns out the post_id element was not what I wanted but rather the id. After that I could use json to get the comments and likes. So the call was almost correct.
And adding stream_read to the permissions got the post to be visible to friends...
Thanks for all the help!
as I started to work with Twitterizer in order to publish on someone's wall I am in confusing time.
There is a page, my case, DefaultTwitter.aspx where is link to authenticate on twitter with token provided. Goes on Twitter and comes back to CallbackTwitter.aspx with outh_token and secret. And so the user is identified. On twitterizer example says:
Step 5 - Store the results
You should now store the access token and the user details. Keep in mind that the
only way an access token will become invalid is if the user revokes access by logging
into Twitter. Otherwise, those values will grant you access to that user's data
forever.
My questions are: - should I store any data in SQL datatable and what exactly(however I hope that is not the case to do so)
somebody said that I should save in a cookie(I thought in session); however then if another user comes then how should I create a button to logout or something like that?
-how will user revoke application access if he would like so?
A live example will be much appreciated as I could not found any on internet how exactly twitter api works.
When your application finishes getting authorization to access the user's data, the result is the access token (represented by 2 values, a key and a secret). Those values are, in effect, the username/password you can use in requests to the API on behalf of that user.* Save those values in your SQL database. You'll also be given the user id and screen name. It's probably a good idea to keep those handy, too.
The user can revoke access to an application by going to http://twitter.com/settings/applications, finding the application and clicking the revoke access button next to it. Your application cannot revoke access for the user.
You asked for an example, but you're citing the example application. Just look at the source code in that sample.
* - That's a simplification for explanation sake. Please don't crucify me, OAuth experts.