9

I have created an app of V2.3 with rails app. It was working fine before April 30th. Now I am getting this error :

Invalid Scopes: offline_access, publish_stream, create_event, friends_events. This message is only shown to developers. Users of your app will ignore these permissions if present. Please read the documentation for valid permissions at: https://developers.facebook.com/docs/facebook-login/permissions

I have even given permission to the app via Graph API Explorer. Still I am not able to resolve it.

Similar Question : Error Invalid Scopes: offline_access, publish_stream, when I try to connect with Facebook API

Adding Comments - This didn't solve my problem. I have tried this solution.

Any suggestions?

Thanks

Community
  • 1
  • 1
Avi
  • 391
  • 2
  • 3
  • 20
  • possible duplicate of [Error Invalid Scopes: offline\_access, publish\_stream... when i try to connect with Facebook API](http://stackoverflow.com/questions/30074899/error-invalid-scopes-offline-access-publish-stream-when-i-try-to-connect-wi) – Tobi May 07 '15 at 07:33

2 Answers2

5

All those permissions don´t exist anymore, some of them are deprecated since many years - and v1.0 was removed at April 30th, 2015 - meaning, a lot of deprecated stuff is not working anymore. Check out the changelog for more information: https://developers.facebook.com/docs/apps/changelog

I suggest not using old online tutorials to copy code from, always use the Facebook docs first.

andyrandy
  • 72,880
  • 8
  • 113
  • 130
2

I don't understand why you have to post the question, as you linked the one already answered yesterday.

You have to remove the repsective permissions from the scope parameter of the Login URL.

See

scope: A comma separated list of Permissions to request from the person using your app.

You CANNOT use these permissions after April 30th 2015.

Tobi
  • 31,405
  • 8
  • 58
  • 90
  • Because that link didn't solve my problem. & I was unable to comment on those already commented. My question was removed from that post & was asked to create a new one. – Avi May 07 '15 at 08:08
  • What exactly did you do to solve it? If you's have removed the permissions from the scope, the error would be gone! Simple as that. Read the docs. – Tobi May 07 '15 at 08:22
  • In App Details --> Configure App Center Permissions, removed all permissions. And also cleared the access token permissions from Graph API Explorer. Is there any problem if the app is not live ? – Avi May 07 '15 at 08:57
  • 1
    That's nonsense. You need to set the `scope` of the login URL in the code of your app, as I said twice before. – Tobi May 07 '15 at 09:05
  • http://stackoverflow.com/questions/30096263/how-to-remove-permissions-offline-access-and-publish-stream-in-scope-variable – Tobi May 07 '15 at 09:48
  • The above link has different solution as he is using HybridAuth which is a PHP Library. As I am using Koala in ROR, I am looking at the scope permissions as you said. – Avi May 07 '15 at 11:46
  • You should have stated that in your question, as well as your Koala version – Tobi May 07 '15 at 12:00
  • Look at https://github.com/arsduo/koala/wiki/OAuth#oauth-urls-and-tokens You should be able to define the scope / permissions with `@oauth.url_for_oauth_code(:permissions => "permission1,permission2,permission3")` – Tobi May 07 '15 at 12:02
  • Ya, I should have mentioned that. Actually prior to April 30th, it was the same issue with permissions. I fixed it with the solution in GraphAPI Explorer. I selected my app --> Then get Access Token. Where we can select all the permissions which we wanted. It solved the issue. There was no code change for that. – Avi May 07 '15 at 12:46
  • I can't believe this would work. The Access Token will expire, and this wouldn't change anything for the login. Where Koala is involved then I can't understand. What did you do then with the Access Token? – Tobi May 07 '15 at 13:13
  • So, the generated access token has all the permissions we wanted from the GraphAPI Explorer. Through Koala, we get that token & save it into our database. So whenever the person logs out, we take the fresh access token & save it and show data accordingly. – Avi May 07 '15 at 13:22
  • I don't understand this, but well. – Tobi May 07 '15 at 13:26