I created a subscription web hook for Instagram's API and can see it when listing subscriptions through the API:
[ { object: 'user',
object_id: null,
aspect: 'media',
subscription_id: 0,
callback_url: 'https://mydomain.cloudfront.net/v1/instagram/webhook',
type: 'subscription',
id: 0 } ]
My Instagram user is enabled as a sandbox API user.
I then sign up to my app using Instagram OAuth which works. I can see my app is listed on Instagram's website under "Authorized Applications".
I then use the Instagram app to post a picture. I would expect to see a call to https://mydomain.cloudfront.net/v1/instagram/webhook in my logs but am not seeing anything at all.
I've previously submitted my app for review but was denied (possibly due to a low quality screencast). Is is possible that the webhook stopped working because of that? Other API calls seem to work fine.
Related
Can someone please clarify which is the correct WhatsApp Business Account ID to use to access the WhatsApp cloud API?
I have properly set up my webhook and can receive messages. However when I try to send a message using the WhatsApp Business Account ID (marked as number 1 in the attached image) provided here, I get the following error:
error: {
message:
"Unsupported post request. Object with ID '< my app id>' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
type: "GraphMethodException",
code: 100,
error_subcode: 33,
fbtrace_id: "AQXqjuSJKTWBnyJdUK_W-jj",
},
However when I switch to the second WhatsApp Business Account ID in the curl command (marked as number 2 in the attached image), it works.
What confuses me is that the incoming message has the first WhatsApp Business Account ID (marked number 1 in the attached image) like so:
message: {
object: "whatsapp_business_account",
entry: [
{
id: "xxxxxxxxxxxxxxx", // This matches the first
changes: [
...
],
},
],
};
I am using the current api v14.0. Is there some setting I need to change?
Probably you need to add the user of this acces token to the WABA (Whatsapp Business Account). You can do it by accessing your Business Manager > Whatsapp Accounts menu.
If you don't know which user is this, you can paste the access token value on the Access Token Debug Tool to find out.
PS: it has to be done even for System Users!
I have an app that displays user's instagram media(like some of the dating apps).
Also, my app has been reviewed successfully for permissions - instagram_graph_user_profile and instagram_graph_user_media and is in live mode.
But in the Facebook Developer Console, the instagram icon is not turning up green.
Please refer the screenshot.
https://drive.google.com/open?id=1VnMHLqjTf1oRbvcm2g8Ol80AfB3JqMOg
Flow to display the media is as follows.
1. My app ask users to authorize using
https://api.instagram.com/oauth/authorize?client_id=instagram-app-id&redirect_uri=redirect_uri&scope=scope&response_type=code&state=state
2. Above api responds with a code.Then backend calls -
https://api.instagram.com/oauth/access_token
with params - client_id, client_secret, code, grant_type, redirect_uri
3. Once I receive token from above API, I request long lived token from short-lived token using -
https://graph.instagram.com/access_token?grant_type=ig_exchange_token&client_secret=xyz&access_token=abc
4. Using the long lived token, server requests user info using API -
https://graph.instagram.com/me?fields=id,username&access_token=abc
5. Using the same long lived token, server makes request to get user media using API -
https://graph.instagram.com/me/media?fields=id,media_type,media_url,username,caption,timestamp&access_token=abc
This flow works only for test users(Instagram test users who accepted invitation of being a tester in Instagram Developer Platform).
When non-test user tries to view media, on step 3, I get an error saying -
{ "error": {
"message": "Unsupported get request.",
"type": "IGApiException",
"code": 100,
"fbtrace_id": "A0A24rNXCScki9Ck-8J_55b" } }
Am I missing something?
This is how I see my Business API Settings.
Please refer the screenshot.
https://drive.google.com/open?id=1Dfdihf20krEcYEmoh8z43_a1T5UQStXr
Under my App review section, I do not see any relevant permission that needs to be reviewed again.
Edit 1 -
Note - My app is in beta mode (not yet live on play store).
Could this be the reason?
I just went through a similar process getting my app ready for the old API to officially depreciate. I finally found this— hope it helps:
https://developers.facebook.com/community/threads/2219648518091109/
"After your app has been approved, you can get the contract from your Business Manager. You need to do it on a Computer (mobile wont work) and have to be an Admin on the Business.
From your business Manager you just go to Business Info -> Business Contract (https://business.facebook.com/settings/info)
Please, let us others if this answer helped you!"
Thanks to Juanu for sharing!
We have created bot solution and published it in Azure.
It was working fine locally.
In Azure we are protecting the web app bot with another App service resource.
Due to this we are getting "Failed to load resource:the server responded with a status of 502 (Bad Gateway)" error.
In the app service, under Authentication/Authorization tab, for "Action to take when request is not authenticated" dropdown if i select "Allow Anonymous request" option bot is working fine. If i select "Login with Azure Active directory" bot is not working.
Bot is not working even in Test in WebChat in azure site itself.
We are able to access bot default page after providing credentials.
Please let me know what is the step i am missing and let me know if you need any other information.
Code to connect bot.
BotChat.App({
botConnection: botConnection,
user: { id: model.userId, Username: model.LoginUser},
bot: { id: model.botId, name: model.botName },
resize: 'window',
speechOptions: speechOptions,
locale: 'en',
sendTypingIndicator: true
}, document.getElementById('BotChatElement'));
botConnection
.postActivity({
from: user,
name: 'requestWelcomeDialog',
type: 'event',
value: ''
})
.subscribe(function (id) {
console.log('"trigger requestWelcomeDialog" sent');
});
The built-in authentication in Azure app service is not suitable here.
You should follow this document to add authentication to your bot.
Note: The redirect url should be https://token.botframework.com/.auth/web/redirect
Here is an sample which uses bot authentication capabilities in Azure Bot service.
I am currently developing an Angular Frontend, which uses MSAL to authenticate users. This Frontend should call a Web-API (also hosted in Azure), which is secured by Azure Active Directory.
While I easily managed to work with Angular and MSAL, getting a Token and successfully calling Graph/me as test, I cannot get the API call to work, I'm always receiving 401's.
I'm using the following setup:
Angular frontend with MSAL
I created an Application in AAD, gave it User.Read permissions for MS Graph, copied the ID into the MSAL code and using the MSAL Interceptor calling Graph API was pretty easy following the documentation.
Web-API
I created a web-api with in .NET core, simply returning some demo data in the GET. I published the API to an azure Web Application (https://myappurl.azurewebsites.net/api/test, calling it from Angular or Postman was no Problem
Auth
Using the Azure Portal, in the App Web settings, I activated web service authentication with Azure Active Directory. As the required application, I put the same one I used in step 1 for the Frontend.
At this point I was not able to call my API any more, always receiving 401's.
I parsed the JWT Token out of the Angular code and tried postman calling with Authorization: Bearer eyJ0xxxxx headers, still 401.
I thought, that by "logging into" my frontend I should be able to use the token to identify myself for the API call aswell, since it uses the same app-id, but somehow I think I got it mixed up. I looked at a lot of documentation, but it's mostly outdated since the App registration changes in Azure Portal.
export const protectedResourceMap:[string, string[]][]=[['https://graph.microsoft.com/v1.0/me', ['user.read']] ];
MsalModule.forRoot({
clientID: "my-client-id",
redirectUri: "http://localhost:4200/profile",
postLogoutRedirectUri: "http://localhost:4200/bye",
authority: "https://login.microsoftonline.com/my-tenant-id",
validateAuthority: true,
cacheLocation : "localStorage",
navigateToLoginRequestUrl: true,
popUp: false,
consentScopes: [ "user.read" ],
unprotectedResources: ["https://www.microsoft.com/en-us/"],
protectedResourceMap: protectedResourceMap,
correlationId: '1234',
piiLoggingEnabled: true
}),
Do I need to add the webAPI to the protected ressources in Angular? Do I need an extra Application to secure the API and then allow my Frontend App to access the backend app? Reading through all the available articles confused me even more.
In your azure registration app go to "expose an api", copy the scope url and set this value as a scope in your loginRequest
var loginRequest = {
scopes: ["api://aa059cdd-1f53-4707-82a8-fdf7bd6c2859/Test"]
};
msalInstance.loginPopup(loginRequest)
.then(response => {
// handle response
})
.catch(err => {
// handle error
});
I'm trying to authorize with chrome.identity.getAuthToken() to get token for Picasa web service. I couldn't find Picasa API in Google Developer Console and set its scope to "https://picasaweb.google.com/data/" oauth2 part of manifest.json. Picasa docs say that I can skip this step.
chrome.identity.getAuthToken({
interactive: true
}, function (token) {
if (chrome.runtime.lastError) {
console.error(chrome.runtime.lastError);
} else {
console.log(token);
}
});
getAuthToken() always ends with an error "OAuth2 request failed: Service responded with error: 'bad client id: {0}'". If no scopes are set, the error looks like "OAuth2 request failed". Where have I mistaken?
Steps I take to make it work
Go to Google Developers Console and create a new project.
Go to APIs & auth > Credentials in the panel to create new Client ID. The application ID of chrome app can be obtained from Chrome Developer Dashboard if you your app is uploaded.
Go to APIs & auth > Consent screen and fill in Email Address and Product Name and Save.
I didn't know step 3 was necessary.
It seems amazing but after 1 day has passed, everything is working :)
UPD: I've tried gdrive sample from chrome-app-samples repo and added scope for Picasa. After everything worked fine, I copied its key and oauth2 section to my app's manifest. Everything worked fine too. After this I deleted client_id for app in developer console and created it again. And after that everything was ok.
You need to register your application in Google Developer Console and obtain a client_id. See the 'Credentials' pane to configure your application.