I want my facebook application to create events in my facebook page. Everyone that use my application will be able to publish events to my facebook page, so I don't want to give admin or contributor to everyone, I want my web app ( appId + secret code) to have the rights to publish
When I'm trying this:
client.AccessToken = "{app-id}|{app-secret}";
dynamic result = client.Post("/{page-id}/events", new{
name = "testEvent",
start_time = "2014-04-11T19:00:00-0700",
end_time = "2014-04-11T20:00:00-0700",
}
);
I received this error
{
"error": {
"type": "Exception",
"message": "You must be an admin of the specified page to perform the requested action.",
"code": 1373019
}
}
Any idea?
You should do the following:
Get a Page Access Token via the /me/accounts endpoint (the logged
in User must be the administrator of this page). You can do this via
https://developers.facebook.com/tools/explorer?method=GET&path=me%2Faccounts Be sure that you have requested the manage_pages, create_event and publish_stream permissions beforehand.
Exchange your short-lived Page Access Token to a non-expiring one as described here:
What are the Steps to getting a Long Lasting Token For Posting To a Facebook Fan Page from a Server
Use the newly generated Page Access Token in your App
The token that you are using is called the App Access Token, and according to the documentation of /{page-id}/events, it says:
An page access token for the page with create_event permission is required.
Now to get the page access token-
First you need to re-authenticate the user (by calling the facebook login/auth again) by adding the permissions:
manage_pages, required for getting the page access token
create_event, required for creating an event
Then make the call:
\GET /{page-id}?fields=access_token, you will get the page access token in response.
Use the token generated in step-2 and make the call you are making, then it will be a success.
(If required, you can also extend this page access token that will never expire- see here)
Learn more about access tokens here.
Related
Problem: How to authenticate in MS Graph using Azure AAD access token.
Current flow:
My web app has AAD configured with "Log in with AAD"
If I log into AAD my demo app is showing and if I go to https://******.azurewebsites.net/.auth/me
then I get the access_token.
What I tried:
So I tried a couple of things and this was the last, I copied the access_token as code and tried to send it, didn't work.
I'm searching for a solution to silently use the already logged-in user and call MS Graph.
The reason for the error is that you have used the wrong code. Don't try to send the access token as a code, you should request an authorization code in your browser.
https://login.microsoftonline.com/{tenant id}/oauth2/v2.0/authorize?
client_id={client id}
&response_type=code
&redirect_uri={redirect_uri}
&response_mode=query
&scope=https://graph.microsoft.com/.default
&state=12345
In addition, redirect_uri is also a required parameter.
For the already logged in user you need follow the below steps for access:
Make sure you have enable the allow access token for the register app as below
Write code to acquire access token for the for the logged in user Reference
Now you can pass this token in other successive call to get the result.
I need to post a message from my personal website to the website´s facebook wall page. I dont want the user to authenticate against facebook, instead a default website account should be used(probably the facebook app).
This is what I have :
Created facebook App at https://developers.facebook.com
Add Facebook.dll to my ASP.NET webform site(the personal site)
Included the following code :
FacebookClient client = new FacebookClient();
result = client.Get("oauth/access_token", new
{
client_id = ConfigurationManager.AppSettings["FacebookAppId"],
client_secret = ConfigurationManager.AppSettings["FacebookAppSecret"],
grant_type = "client_credentials"
});
client.AccessToken = result.access_token;
result = client.Post("1418771281723422/feed", new { message = "Test Message from app" });
result = client.Get("1418771281723422");
This returns the following exception on client.Post
A first chance exception of type 'Facebook.FacebookOAuthException'
occurred in Facebook.dll
Additional information: (OAuthException - #200) (#200) The user hasn't
authorized the application to perform this action
What am I doing wrong and why is it so hard to do this simple task?
Of course you need to authorize a User to post on Facebook - else it would be incredibly easy to create a spam App.
What you need is a Page Access Token, take a look at the Facebook docs about the different Tokens and how to get them: https://developers.facebook.com/docs/facebook-login/access-tokens
More information about Access Tokens: http://www.devils-heaven.com/facebook-access-tokens/
The code is in PHP, but the text is valid for every language anyway.
This is how to generate an Extended Page Token with PHP: http://www.devils-heaven.com/extended-page-access-tokens-curl/
An Extended Page Token may be exactly what you need, it is valid forever and you can post "as Page" with it.
Doing this with ASP.NET should be pretty similar, but you don´t really need that Facebook SDK if you take a look at the tutorial for extending a Page Token with CURL. This question may help you: curl Request with ASP.NET
To create an Extended Page Token only for yourself, i suggest creating it without any coding:
Use the Graph API Explorer to create a User Access Token with your App.
Extend the User Access Token: https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=[app-id]&client_secret=[app-secret]&fb_exchange_token=[short-lived-token]
Put that resulting User Token in the "Access Token" field of the Graph API Explorer
Make a call to /me/accounts to get a list of all your Facebook Pages
Take the Access Token of your Page and use it in a server side call for posting
It´s explained in this article: http://www.devils-heaven.com/facebook-access-tokens/
I want to create a very basic C# application that can fetch publicly-available information for Facebook user profiles. I've read a few pages of Graph API but there is a problem. Here you can see a user profile that contains all sort of information for public:
http://tr-tr.facebook.com/people/A-Altan-Yurt/100002356385895
However I cannot get all of these information, using the Graph API with this link:
https://graph.facebook.com/100002356385895
I tried scraping the page but the returned document doesn't contain any useful information. Since all these info are public, I don't think there should be an access limit for them. What am I doing wrong here?
Yes, even public accessible data can not just be fetched outside of the facebook interface.
In order to get the data you'll need a valid access token, for example if you try the url for the same user's feed you'll get:
{
"error": {
"message": "An access token is required to request this resource.",
"type": "OAuthException",
"code": 104
}
}
You can try this same url with the Graph API Explorer, and after you authorize this app, it will have an access token and you'll get the public feed of that user.
The access token used there (in the API Explorer) is an app access token, which is probably the easiest token to get, here's the doc about Authenticating as an App.
Once you get an access token you can start querying the graph api and get the public data.
You can do it with other access token types, such as a user token.
Edit
Even when things are public for users on facebook, they are not public for applications and you will need to ask for the right permissions for let's say the education (user_education_history).
You can see exactly which permission you need for each field in the documentation of the User object, in the fields table the 3rd column is titled Permissions and there you'll see what you need per field.
I'm trying to get the Facebook C# SDK to work with offline_access and a console application.
From what I understand, I have to:
Ask for auth for offline_access - that's easy.
Get the "code" that is returned by FB when the user authorizes offline_access
Use ExchangeCodeForAccessToken to get a valid access token each time
I can't figure out how to grab the code in (2) though?
Thanks
Getting the "code" and exchanging the code for a token is something you usually do if you are doing authentication in a server-side workflow. It may be a bit of a red herring in your scenario. There are easier ways to just get the access token directly.
It would help to have more context (including code) showing how you are getting offline_access (javascript, server-side OAuth, ...?)
When you get offline_access via the Javascript SDK, which in my opinion provides the best user experience, you will get the access token back in the response from Facebook:
FB.login(function (response) {
if (response.session) {
if (response.perms) {
var accesstoken = response.session.access_token;
// do something with the token...save it, use it, etc.
} else {
// re-prompt for permissions
}
}
}, { perms: 'offline_access' });
Once you have it in javascript you can stuff it into a hidden form field, put it in an ajax post to your server, or whatever.
Note that in my experience you do not actually need the saved user access token to do offline api calls for all api methods. You can just use an app access token in some cases, and Facebook will let it fly if you have offline_access and the other required permissions. They did post a developer blog post in the last week stating you need a token for some api calls where it was not previously required, so that might be changing.
Also be aware that these tokens can go bad. For example if the user changes their Facebook account password it invalidates all access tokens. So it is good to test them, catch OAuth exceptions, and have a way to bring this to the user's attention to re-prompt for permissions and get a new access token.
After the user grants you the "offline_access" permission, Facebook will redirect the user to your application URL with a "code" query string parameter. You need to grab this "code" query string parameter.
Then, make another WebRequest using this "code" value to get the access token. Use the following URL to make the request:
https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}
The WebResponse can be parsed like this:
NameValueCollection qs = HttpUtility.ParseQueryString(response);
token = qs["access_token"];
You need to persist the token in a database for use in your console application.
I created a company page.
After creating a company page I created an administrator user for it.
I have a FB application that posts on another users wall using their user id (stream.publish).
I want to post on the company wall too, but how can I post on the company wall if I don't have its userID, or appID.
When I use the company page, I don't see details about it in the settings or any other configuration page.
How can I get the company page userID/companyID/accesstokenID, so I can post on its wall?
You need to request the manage_pages permission, for the admin user you assigned to the pages. When you return from the authorize URL, where you get the user's access token, you need to call the https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE URL, which will give you a collection of pages, each with its own access token.
When you use that access token for publishing, it should publish as the Page.
http://developers.facebook.com/docs/authentication/ - Check the Page Login section.
UPDATE
This is the URL, you redirect the browser to:
https://graph.facebook.com/oauth/authorize?client_id=APP_ID&scope=manage_pages,offline_access&display=Popup&redirect_uri=REDIRECT_URL
When the user returns to the specified Redirect URL, you grab the value in the code URL parameter and call the Facebook API to exchange it for an access token. All this, you've probably already done, since you have an application that posts on a user's wall.
What you'll do now, using the access token, is call https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE which will give you the collection of pages the authenticated user manages, and each one have its own access token.
Grab the desired access token, and use that to post on the pages wall.