I am using angular-facebook to login users to my app using facebook. Here is the code that logs users in:
Facebook.login(function (response) {
$scope.access_token = response.authResponse.accessToken;
});
and then in order to get the facebook id of the user I send a request like this:
Facebook.api('/me', function(response) {
$scope.user = response;
}
Then I save this user in my database.
After this, in $scope.user.id, I have let's say ID abcd.
Then I use this id to get the page access token by sending a request to the following url:
https://graph.facebook.com/'+$scope.user.id+'/accounts
This is giving me this error:
Unsupported get request. Please read the Graph API documentation
Then, in order to check whether my ID is correct, I manually typed the following url in the browser:
https://graph.facebook.com/me?access_token=123123123asdas
To my surprise, I get a different ID here, let's say, 'xyz!'
What am I doing wrong? Why did I get different IDs?
I found my mistake.
As manage_pages permission should be reviewed first, I was getting the access token with manage_pages permission from graph explorer. As it turned out, using different access_tokens will give you different user IDs. So, I will have to get my app reviewed.
This different ID thing is because of app_scoped IDs Facebook introduced recently.
Related
I want to dynamically update Open Graphs Tags on my website, but don't know how to do it properly.
I have understood you're not supposed to use the access token in a client side script, but how do I go about and update it otherwise.
I have seen examples online that does not use an access token, but I get an authorization error then.
Can I make any settings on facebook developer to skip access token or how can I make a call from my javascript, without showing the access token or app secret?
This is the part of my script which runs after modifying the meta:og tags:
//Update Open Graph
$.post(
'https://graph.facebook.com',
{
access_token: '123',
id: strCurrentUrl,
scrape: true
},
function(response){
console.log(response);
}
From Facebook:
for security, app access token should never be hard-coded into
client-side code, doing so would give everyone who loaded your webpage
or decompiled your app full access to your app secret, and therefore
the ability to modify your app. This implies that most of the time,
you will be using app access tokens only in server to server calls.
I am trying to read reactions on a post using the following graph-api call:
FB.options({version: 'v2.12'});
FB.setAccessToken('EAACEdE7w4Fp85PlhH0NYpZBddHyqkx6XXXX')
FB.api('/765898450131958_1518951084826687/insights?metric=page_actions_post_reactions_wow_total', (res) => {
console.log(res)
});
But I always receive an empty data list. What could be the reason for this? For reference I am using FB module to connect to graph-api.
The acces token I am using is my page-access token
In my case, the facebook app instance wasn't set to live. Once the facebook app instance is live, data array returns user info list with id and name . You can check that out in App Review Settings
Click your app instance -> Go To "App Review" -> Click "My Permissions & Requests".
You will see that there are two approved items. I think these are added or granted by default. But if your app is not live, the two permissions will not be active. That includes basic user information like name and profile picture.
TL;DR - Check if your app is live and also make sure that you are using Page Access Token rather than User Access Token.
From official Facebook API documentation:
On February 5th, 2018, User information will not be included in responses unless you make the request with a Page access token. This only applies to Comments on Pages and Posts on Pages.
https://developers.facebook.com/docs/graph-api/reference/v2.12/object/reactions
I have a web app running on a local server that I can log into Facebook through.
I have been trying to add or delete comments from Posts are made by me and on my timeline.
When I try to execute the FB.api() call I get a failed response saying that I need a Page Access Token. The thing is, I've been looking around a lot and have seen nowhere a mention of a Page Access Token for a specific Persons profile.
Through experimenting I've been able to:
Get a Page Access Token for a non-profile Page that I own
Add/Delete Comments/Posts on that non-profile page
Add/Delete Posts made by the app on my profile
Display all Posts/Comments on my profile
What I want to do:
Be able to delete/add comments on Posts on MY profile
What I've tried:
GET request for {my-id}?field=access_token. I figured that if it worked for a non-profile page, it would work for my profile. It didn't work.
A lot of googling
My Assumptions:
I need a Page Access Token for my own profile if I want to add/delete things that were not made by the app
A Page Acess Token for a profile exists.
Below is an example of a FB.api call that would return a response saying:
"Publishing comments through the API is only available for page access tokens"
FB.api(`${comment_id}`, 'DELETE', function(response) {
console.log(response);
});
I really just need someone to give me some concrete answers.
Hi I'm trying to get the youtube user name and the thumbnail with a youtube app. I´m using the v3.0 and the javascript library.
I'm following this example and docs:
https://developers.google.com/youtube/v3/code_samples/javascript
https://developers.google.com/api-client-library/javascript/reference/referencedocs
I don't have problems with the autentication but I don't know how to get de user name and image.
Somebody knows?
You can call channels->list with "part=id & mine=true"
GET https://www.googleapis.com/youtube/v3/channels?part=id&mine=true&key={YOUR_API_KEY}
Id is the channel's ID.
You can get the channel's title from response under snippet.title. This is what you need as usernames are not useful anymore.
From snippet.thumbnails.(key), you can pick the default, medium or high resolution thumbnail, and get it's width, height and URL.
This is what you are looking for to greet, but if you want to go deeper you can check if that account is linked with Google+ and use googleplususerid to retrieve more information via Google+ API.
https://www.googleapis.com/youtube/v3/channels?part=id&mine=true&access_token = [YOUR TOKEN]
YOU MUST get Oauth code and exchange it for Access Token, to :( complex to give you full answer HERE
Here's how I had to modify my requests to make it work with authentication (otherwise I kept getting a "dailyLimitExceededUnreg" error in the response):
Don't include the "key={YOUR_API_KEY}" in the URL.
Instead, add a HTTP header "Authorization: Bearer {ACCESS_TOKEN}"
I am building a web app integrating with Facebook. I have on Facebook an app id and app secret already.
I'd like to use javascript to retrieve my app's access token to make further app-to-user app requests. I'm following the instructions here
However, I could not make my FB.api call working. I tried
FB.api('https://graph.facebook.com/oauth/access_token','get',
{client_id:'XXXXX', client_secret:'XXXXX',grant_type:'client_credentials'},
function(response) {
alert(JSON.stringify(response));
});
and
FB.api("/oauth/access_token?client_id=XXXXXX" +
"&client_secret=XXXXXXXX&grant_type=client_credentials",
function(response) {
alert(JSON.stringify(response));
});
but only to get {"error":{"type":"http","message":"unknown error"}}
Do I use FB.api incorrectly? At this time, I could not find further documentation showing what I did wrong.
On the other hand, I can manually request it from my browser with the url like:
https://graph.facebook.com/oauth/access_token?client_id=XXXXX&client_secret=XXXXXX&grant_type=client_credentials
So, what is missing in my code? Thanks a lot for your help.
you dont need to expose your app secret.
Instead you can use the app token directly in your calls (App token does not expire until you reset the secret key).
Facebook Documentation Reference link access tokens and types
Have Fun!!!
Regards,
hbk