Reputation: 185
What calls are possible using an "app access token"?
I'm just starting to create a in-facebook app. I'm bugging at the first step, when a user access my app for the first time. Basically, I want a welcome page to explain what is that app before requesting an access to information. A cute image with cats, whatever, but not sending directly the user to the login to my app dialog.
So, user didn't sign in to my app, I only have the "app access token" to work with the graph. According to this official Facebook dev page (at the end), I'm supposed to have some basic information access.
Question is : how ? What are the calls that I can make to the graph with an app access token ?
/me is a no go, it requires a user access token.
/$user_id is public information, with or without a token, I can retrieve basic info. But I don't have any user_id to use through the $signedRequest (which gives only country,locale & age)
How am I to get (quote):
- Basic Profile Info of a User (ID, Name, Username, Gender) - A User’s Friends and their IDs - Permissions granted by the User to your App
Upvotes: 1
Views: 1782
Answers (2)
Reputation: 7813
- Basic Profile Info of a User (ID, Name, Username, Gender):
- A User’s Friends and their IDs
If you request https://graph.facebook.com/USER_ID/friends?access_token=APP_ACCESS_TOKEN, you would get:
{ "error": { "message": "Can't lookup all friends of 100001234567. Can only lookup for the logged in user or the logged in user's friends that are users of your app.", "type": "NoIndexFunctionException", "code": 604 } }
The answer for legal solution is, NO, you must use user access token. Similar disscussion here Get the Friends of my friend using the Graph API
Permissions granted by the User to your App
Yes. https://graph.facebook.com/USER_ID/permissions?access_token=APP_ACCESS_TOKEN
Upvotes: 0
Reputation: 19995
You shouldn't be using your application token for anything other than administration of your app.
It's not possible to get data before a user actually grants it.
The paragraph you mentioned is within the limits of your application
While an App Access Token is largely for the purposes of publishing information back to Facebook on behalf of the user, there is a limited set of information that can be retrieved from Facebook using an App Access Token.
- Basic Profile Info of a User (ID, Name, Username, Gender)
- A User’s Friends and their IDs
- Permissions granted by the User to your App
Say I know User001 added my app, and I want to check on some items for administration. I don't have User001's access token (or rather I shouldn't be manually using it) So instead I supply the application access token to get data that would normally return
Notice I can supply an app token allowing me to see friends (of the user who added the app) but if I choose an object not mentioned in those bullet points...
Upvotes: 4
Related Questions
- Getting App Access Token for facebook app?
- Use "app access tokens" with the Facebook Javascript SDK?
- how do I actually use app access token with facebook api?
- Using other facebook app access token
- Access token Facebook graph api?
- Which calls can the Client Token of a Facebook App be used for?
- Facebook FB api - About Access token
- Which API methods require app access tokens
- What is access token in facebook API?
- access_token without an app