Extended Permissions

Problem

I’ve planned out a great app, but it’s going to require my users to give permission to do some things that are beyond the usual set of options, such as setting their status or creating Marketplace listings. How do they let me know it’s OK?

Solution

Table 9-7 lists three extended permissions that users can grant an application.

Table 9-7. Extended permissions

Permission

Description

status_update

Your application can call Users.setStatus() for this user.

photo_upload

You can already upload photos and add tags for all users with the Photos.upload() and Photos.addTag() methods, but both will go into a pending state and require approval. Granting this permission allows your app to bypass that step.

create_listing

Your application can create new Marketplace listings on behalf of this user.

The permissions are granted one at a time by sending users to http://www.facebook.com/authorize.php?api_key=YOUR_API_KEY&v=1.0&ext_perm=PERMISSION_NAME (see example page in Figure 9-18), substituting your API key and the permission’s name from Table 9-7.

Extended permissions

Figure 9-18. Extended permissions

Discussion

You can add two more parameters to the URL, next and next_cancel, which are URL-encoded URLS you’d like the user sent to when they’re finished granting permission or if they cancel, respectively:

http://www.facebook.com/authorize.php?api_key=YOUR_API_KEY&v=1.0&ext_perm=PERMISSION_NAME&next=http%3A%2F%2Fapps.facebook.com%2Fmyapp%2Fpermissions.php&next_cancel=http%3A%2F%2Fapps.facebook.com%2Fmyapp%2Fcancel.php ...

Get Facebook Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial