In a previous post, ‘Facebook Login with ASP.net Web Forms’, I covered social login, OAuth and accessing a user’s public profile information. Following that post I published ‘Get User's Email Address from Facebook with ASP.net Web Forms’ where I covered the addition of the ‘email’ scope required to request permission to the user’s email address. Incorporating these core functions into your web app opens the door to a world of possibilities. You now have the necessary foundation required to truly leverage the many capabilities of the Facebook platform. In this post I will detail the next most desired integration with Facebook, publishing. Publishing incudes the ability to post status updates, links, likes, photos, photo albums, videos and more. While there is much that can be done here, we will focus on the simplest example, posting status updates. Below is a sample of the result published by the provided sample code:
When we refer to publishing to Facebook, we are referring to publishing an action ‘on the behalf of a user’. Therefore, it is important to understand that it is your web app which will be permitted by a Facebook user to perform the actual publishing. This permission will come from the Facebook Login scope of ‘publish_actions’. If you recall from my previous post, we used the following URL convention to link a user off to the ‘Login with Facebook’ dialog and request their email address:
https://www.facebook.com/dialog/oauth/?client_id=[Your Facebook App Id]&redirect_uri=[Your Redirect URI]&response_type=code&state=1&scope=email
In order for us to request permission to ‘publish_actions’ all we need to do is add one additional query string parameter value to this link. The value will be ‘publish_actions’. I have highlighted the addition in green below
https://www.facebook.com/dialog/oauth/?client_id=[Your Facebook App Id]&redirect_uri=[Your Redirect URI]&response_type=code&state=1&scope=email,publish_actions
By adding this scope, user’s will now receive the following additional popup the first time they log into Facebook from your app. Provided they click ‘Okay’ the access token we receive will have this permission. If they click ‘Not Now’ we will not be able to post on their behalf.
Provided the user approves your app’s request to publish on their behalf, the resulting access token we request will include this permission. As a reminder, the OAuth dialogue will provide us a response including a ‘code’ parameter. We use the value of the code parameter to request an access token via the following endpoint:
https://graph.facebook.com/oauth/access_token?client_id=[Your Facebook App Id]&client_secret=[Your Facebook App Secret]&redirect_uri=[Your Redirect URI]&code=[Code Received from Response]
As of v2.0 of Facebook’s Graph API, Login Review is now required when requesting specific permission scopes such as ‘publish_actions’. The purpose of this review is to ensure that your app will not be posting to Facebook on behalf of a user without direct interaction by the user. For example, each time a user enters text into a textfield in your app, the user must know that it will also post to Facebook. This can be done by providing text directly below your textfield along with a checkbox which states ‘Publish to Facebook’ or by simply adding an approved Facebook logo next to your Submit button.
The Login Review process is quite simple to complete. Simply navigate to ‘developers.facebook.com’, select your app from the ‘My Apps’ top navigation, on the left navigation select ‘Status & Review’. Click ‘Start a Submission’ and follow the steps to request ‘publish_actions’. The process will require you to upload a few screenshots of your forms which post back to Facebook.
Screenshots of the Publishing Process:
The following is the sequence of screens your user will run through when you implement the sample code:
Download the sample project on GitHub:
- Facebook Graph API: Publishing
- Facebook Graph API: Status
- Facebook Graph API: User Feed
Other posts in the Facebook Development series:
- Facebook Login with ASP.NET Web Forms
- Get User's Email Address from Facebook with ASP.NET Web Forms
- Automate Posts to Facebook Fan Page with .NET and Microsoft Azure
Nick Pinheiro is an experienced software engineer, technologist, speaker, author and evangelist. He is a Senior Consultant in the Azure Applications Circle of Excellence (CoE) at Microsoft where he develops cloud-based, web and mobile applications for the world’s largest organizations. He speaks at various industry conferences on Modern Apps, Social and Cloud. Follow him on Twitter at @nickpinheir.