Asking for specific User Permission in Facebook Application

Question

i got a Problem with my Facebook Application. The Application is Live at the Moment and i got a E-Mail from Facebook:

We've found the following policy violation with your app and you need to address this issue by Tuesday April 17, 2012 at 5:00pm PST or your app may be subject to enforcement action.

Our policies require that your app has a privacy policy that tells users what user data you are going to use and how you will use, display, share, or transfer that data and you will include your privacy policy URL in the Developer Application (See Platform Policy II.3, http://developers.facebook.com/policy).

It has come to our attention that your app is missing a privacy policy in the permissions dialogue. Please update the privacy policy URL field in the Developer Application at developers.facebook.com/apps/[YOUR_APP_ID]/auth. Also, please review your app to ensure you are also displaying your privacy policy on your web site or within your app.

My App is using Basic User Information only.

I am using the Javascript SDK for the Basic User Authentication but I don't know how to ask the User for the correct Permission.

<div id="fb-root"></div>
 <script>
 window.fbAsyncInit = function() {
FB.init({
  appId      : '[APPID]', // App ID
  channelUrl : '[URL]', // Channel File
  status     : true, // check login status
  cookie     : true, // enable cookies to allow the server to access the session
  xfbml      : true  // parse XFBML
});  
var login = false;
 FB.getLoginStatus(function(response) {
          if (response.status === 'connected') {
              console.log('connected');
              login=true;
                // the user is logged in and connected to your
                // app, and response.authResponse supplies
                // the user's ID, a valid access token, a signed
                // request, and the time the access token 
                // and signed request each expire
                var uid = response.authResponse.userID;
                var accessToken = response.authResponse.accessToken;
          }
          else{
              FB.login(function(response) {
               if (response.authResponse) {
                 console.log('Welcome!  Fetching your information.... ');
                 FB.api('/me', function(response) {
                   console.log('Good to see you, ' + response.name + '.');
                   if(login===false)
                   {
                       window.open("http://www.facebook.com/EnergyZuerich/app_332399760133904", "_top");
                   }
                   //window.location.href=window.location.href;
                   //FB.logout(function(response) {
                     //console.log('Logged out.');
                   //});
                 });
               } else {
                 console.log('User cancelled login or did not fully authorize.');
               }    
             }, {scope: 'email'});
          }});

// Additional initialization code here
 };
  (function() {
     var e = document.createElement('script');
      e.async = true;
     e.src = document.location.protocol +
     '//connect.facebook.net/en_US/all.js';
     document.getElementById('fb-root').appendChild(e);  
   }());
 // Load the SDK Asynchronously
(function(d){
    var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
    js = d.createElement('script'); js.id = id; js.async = true;
    js.src = "//connect.facebook.net/en_US/all.js";
    d.getElementsByTagName('head')[0].appendChild(js);
 }(document));

</script>

Can anybody help?

Answer 1

Their email is clearly telling you what to do. i.e. Create an publicly accessible URL to your privacy policy and update URL field for your application. You can do this on Facebook where you manage your application.