Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 164

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 167

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 170

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 173

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 176

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 178

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 180

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 202

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 206

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 224

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 225

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 227

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/includes/class.layout.php on line 321

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/admin/class.options.metapanel.php on line 56

Warning: Creating default object from empty value in /home/ibrfao/masteringapi.com/blog/wp-content/themes/platform/admin/class.options.metapanel.php on line 49
How To: Ask For Extended Permission In Your Facebook Application | MasteringAPI

Always before start building your application you need to carefully consider the functions and services your application will be delivering to the user and at the same time what information is needed from the user to make a complete user experience. That being said always read over the list of extended permissions Facebook made available for applications’ developers and pick the permissions needed by your application.

 

Asking for extended permission using Facebook JavaScript SDK

This is really a no-brainer and clearly stated in Facebook Documentation:
UPDATE: If you are using the latest JS-SDK (with OAuth 2) then you need to use the scope parameter:

FB.login(function(response) {
  if (response.authResponse) {
      // user is logged in and granted some permissions.
  } else {
    // User cancelled login or did not fully authorize.
  }
}, {scope:'read_stream,publish_stream,offline_access'});

Using the old OAuth:

FB.login(function(response) {
  if (response.session) {
    if (response.perms) {
      // user is logged in and granted some permissions.
      // perms is a comma separated list of granted permissions
    } else {
      // user is logged in, but did not grant any permissions
    }
  } else {
    // user is not logged in
  }
}, {perms:'read_stream,publish_stream,offline_access'});
Back to top
 

Asking for extended permission using Facebook PHP-SDK

Now even if this is not mentioned in the Facebook PHP-SDK example file, here’s how to ask for extended permissions:
UPDATE: If you are using the latest PHP-SDK (v3+) then you need to use the scope parameter:

$loginUrl = $facebook->getLoginUrl(array(
    "scope" => "read_stream,publish_stream"
));

If you still using the 2.x version then use:

$loginUrl = $facebook->getLoginUrl(array(
    "req_perms" => "read_stream,publish_stream"
));
Back to top
 

Asking for extended permission when calling the OAuth Dialog request

This is mentioned in the Facebook Authentication document:

https://www.facebook.com/dialog/oauth?
     client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=email,read_stream

This is useful if you are not developing using any SDK or developing a Desktop Application.

Back to top
 

Asking for extended permission using Facebook Login Plugin

Just like in the documentation, you just need to add the permissions to the perms parameter:

<fb:login-button scope="read_stream,publish_stream"></fb:login-button>
Back to top
 

Asking for extended permission for a user that has already authorized your application

Even if it seems that the above approaches should only be used once in the work-flow of your application, this is not true. Asking for extra permission from a user who has already authorized your application is done by just using any of the above approaches again!

Let us assume that you added a new feature that allow users to create events from your application but you didn’t ask for the create_event permission. One way of doing this:

<fb:login-button scope="create_event">
	Grant Permissions to create events 
</fb:login-button>

It’s worth mentioning that it’s best to first check if the current user has already granted you the extra permission and remove the extra request. This can be done easily, just follow our tutorial on how to check if a user has granted your application a certain permission.

Back to top
 

Notes

Just like how important you ask for the extended permissions needed by your application, you should not ask for any permission if your application is not going to make use of it (especially publish_stream and offline_access). Quote from a Facebook document:

Depending on your application’s needs, you may need additional permissions from the user. A large number of calls do not require any additional permissions, so you should first make sure you need a permission. This is a good idea because this step potentially adds friction to the user’s process. Another point to remember is that this call can be made even after the user has first connected. So you may want to delay asking for permissions until as late as possible.

Back to top
  • http://twitter.com/andrethehook André

    The PHP example isn’t working for me.. Facebook just asks for the basic information even though I have asked for publish_stream and manage_pages. Any tips? 

    • http://www.facebook.com/gerard.nijboer Gerard Nijboer

      Got any update on this? Also got the same problem!

      • Jefferson

        Me too! Not asking permission :(

  • http://twitter.com/andrethehook André

     I solved this by changing “req_perms” with “scope”, working perfectly now =)

    $loginUrl = $facebook->getLoginUrl(array(      “scope” => “read_stream,publish_stream,manage_pages”));

  • Avnish

    i wanted to know something, suppose i want to publish as my app on all the users’s wall who have liked my app at say.. 10 pm everyday, how will i do it??

    i have read ur tutorials, i know i have to use publish_stream, and fb feed..
    i am not getting where does the timing part comes??can you write a full fledged example for that??
    i have read ur comments at stackoverflow, and know the background, an example will be great help..

  • Sunnyg246

    Thanks it helps me a lot…

  • http://www.r-gate.net/ Mohamed Tair

    Thanks ^^