3

Is there a way to pull Facebook content (specifically wall posts from a public page) to display on a website without Facebook requiring a user login? Before the offline_access permission was deprecated, I would simply create a token as myself, store it, and pull the information as needed.

Now, from what I can figure out, the only two options I have are to 1) manually update that token every 60 days, or 2) display the content only to Facebook users AND make them "allow" the app. Obviously #1 is not a preferred option, and #2 doesn't seem like very good practice.

For reference, I'm only trying to pull content from a publically accessible page wall and require no action on behalf of the user (no wall posting, no reading stream, etc).

This seems like a really simple concept, and I feel like I have to be missing something. I can't find an answer anywhere. Are these really my only two options? Any feedback would be much appreciate.

Updated:

I think I may have found a way around this. With offline_access being deprecated, there is an fb_exchange_token option available to extend the expiration of an existing token. With a call to the following:

https://graph.facebook.com/oauth/access_token?client_id={app_id}&client_secret=
{app_secret}&grant_type=fb_exchange_token&fb_exchange_token={existing_token}

you should receive a token with an extended expiration. In my scenario, I will allow the app through my own Facebook account, store the token in my PHP code, and just use cURL to periodically update the existing code.

Note: According to the Facebook documentation, the expiration can only be extended once per day

PiTheNumber
  • 22,828
  • 17
  • 107
  • 180
Kory Sharp
  • 490
  • 3
  • 11
  • _Before the offline_access permission was deprecated, I would simply create a token as myself, store it, and pull the information as needed._ Then if you change your password or your session change for security reasons you need to get another access token again & i'm not sure it be possible after deprecating offline access (i think it be available again) – Pooya Estakhri Mar 10 '12 at 06:51
  • @korysharp Did this work for you? I am trying to do the same thing. Do you have an example of how you accomplished this? – MicFin Aug 23 '14 at 03:46
  • 1
    @MicFin I am currently using https://graph.facebook.com/{page_url}/feed?access_token={app_token} where page_url is the url of the page (ie: cocacola) and app_token represents an Application Access token. Take a look at http://stackoverflow.com/questions/12948809/trying-to-get-app-access-token for instructions on obtaining one of these. I've been able to store and use this single token (which has no expiration) for all of our websites. Hope this helps. – Kory Sharp Aug 26 '14 at 16:14
  • @KorySharp that works excellent but I did run into an issue. For some users it works fine but when I use it on other users I receive the error Koala::Facebook::ClientError: type: OAuthException, code: 803, message: (#803) Cannot query users by their username (benaffleck) [HTTP 404] from /Users/Raevynheart/.rvm/gems/ruby-2.1.2/gems/koala-1.10.0/lib/koala/api/graph_api.rb:503:in `block in graph_call' any suggestions? – MicFin Aug 28 '14 at 23:32
  • @McFin this method will only work for pages that have public access (no privacy settings). The pages that i use this for in my cases are clients of ours that have public pages. Is the Ben Affleck account a "page" or a regular user account? – Kory Sharp Aug 29 '14 at 03:13

1 Answers1

0

Assuming you own the page you can use the manage_pages permission. The manage_pages permission is a permanent token from what I can gather. Then use /feed on the graph api with the relevant page number to pull the information.

I am assuming you own this page. If you don't or aren't explicitly given permission then you don't have the rights to pull this information down.

Adam
  • 16,089
  • 6
  • 66
  • 109
  • 1
    Unless I'm doing something incorrectly, this is not the case. I just obtained a token with the read_stream and manage_pages permissions. The token expires in 4238 seconds (a little over an hour). I know that there are individual tokens for each page that you own that you can access through the open graph api @ /me/accounts, but these page tokens expire at the same time as the token used to obtain these keys. – Kory Sharp Mar 09 '12 at 15:03
  • What about if you get the publish_stream permission. I have used that in my app and I know it doesn't expire. Or I have at least had it several months and its still going. – Adam Mar 09 '12 at 15:18
  • 1
    There use to be an offline_access permission that doesn't exist anymore. I have a handful of sites that use tokens that I obtained with offline_access (and still work), but this is no longer an option. – Kory Sharp Mar 09 '12 at 15:21
  • Yes I was aware offline_access was depreciated but it isn't necessary with publish_stream and publish_stream requires offline access hence you get the permission of offline access so to speak by default. – Adam Mar 09 '12 at 15:34
  • 1
    No dice. I just did a token request for publish_stream only... still has an expiration under 5000 seconds. – Kory Sharp Mar 09 '12 at 15:37
  • 1
    Unfortunately, it does not. I've attempted to use appID|appSecret as an access token, and while that doesn't give an invalid token error, it yields no results (returns an empty data set) regardless of what kind of call I am making. – Kory Sharp Mar 09 '12 at 16:03
  • @Adam, `publish_stream` is not the same as `read_stream` and read_stream goes away with the expiry of the access token. While `publish_stream` will live on. – DMCS Mar 09 '12 at 17:08
  • Do you have the read_stream as @DMCS suggested. They are right in that publish only writes. I was only suggesting publish to get a non-expiring token. – Adam Mar 09 '12 at 17:52