Extended permission

From Facebook Developer Wiki (FbDevWiki.com)
Jump to: navigation, search

original documentation found here: http://developers.facebook.com/docs/authentication/permissions

Contents

Introduction

When a Facebook user authorizes your application, your application gets access to the user's Facebook ID. By default, your application can access all public data in a user's profile, including her name, profile picture, gender, and friends. If your application needs to access other parts of the user's profile that may be private, or if your application needs to publish content to Facebook on a user's behalf, your application must request permissions.

Likewise, to protect the privacy of users who have not explicitly authorized your application, your application will only be able to access the basic profile information about a user's friends, like their names and profile pictures. If your application needs to access other data about a user's friends to enable social functionality, you will need to request some of the special friends permissions listed below.

Applications that request more permissions tend to have a lower click-through rate on the permissions dialog. Therefore, you should only ask for the permissions you need from the user at a given time, as you can always ask for more later.

See the authentication guide for details on how your application can request these permissions in the authentication process.

Publishing Permissions

Permission Description
publish_stream Enables your application to post content, comments, and likes to a user's stream and to the streams of the user's friends. With this permission, you can publish content to a user's feed at any time, without requiring offline_access. However, please note that Facebook recommends a user-initiated sharing model.
create_event Enables your application to create and modify events on the user's behalf
rsvp_event Enables your application to RSVP to events on the user's behalf
sms deprecated Enables your application to send messages to the user and respond to messages from the user via text message deprecated
offline_access (being removed May 1, 2012) Enables your application to perform authorized requests on behalf of the user at any time. By default, most access tokens expire after a short time period to ensure applications only make requests on behalf of the user when the are actively using the application. This permission makes the access token returned by our OAuth endpoint long-lived.
publish_checkins Enables your application to perform checkins on behalf of the user

Data Permissions

User permission Friends permission Description
user_about_me friends_about_me Provides access to the "About Me" section of the profile in the about property
user_activities friends_activities Provides access to the user's list of activities as the activities connection
user_birthday friends_birthday Provides access to the birthday with year as the birthday_date property
user_education_history friends_education_history Provides access to education history as the education property
user_events friends_events Provides access to the list of events the user is attending as the events connection
user_groups friends_groups Provides access to the list of groups the user is a member of as the groups connection
user_hometown friends_hometown Provides access to the user's hometown in the hometown property
user_interests friends_interests Provides access to the user's list of interests as the interests connection
user_likes friends_likes Provides access to the list of all of the pages the user has liked as the likes connection
user_location friends_location Provides access to the user's current location as the location property
user_notes friends_notes Provides access to the user's notes as the notes connection
user_online_presence friends_online_presence Provides access to the user's online/offline presence
user_photo_video_tags friends_photo_video_tags Provides access to the photos the user has been tagged in as the photos connection
user_photos friends_photos Provides access to the photos the user has uploaded
user_relationships friends_relationships Provides access to the user's family and personal relationships and relationship status
user_relationship_details friends_relationship_details Provides access to the user's relationship preferences
user_religion_politics friends_religion_politics Provides access to the user's religious and political affiliations
user_status friends_status Provides access to the user's most recent status message
user_videos friends_videos Provides access to the videos the user has uploaded
user_website friends_website Provides access to the user's web site URL
user_work_history friends_work_history Provides access to work history as the work property
email not available Provides access to the user's primary email address in the email property. Do not spam users. Your use of email must comply both with Facebook policies and with the CAN-SPAM Act.
read_friendlists manage_friendlists Provides access to any friend lists the user created.

NOTE: All user's friends are provided as part of basic data, this extended permission grants access to the lists of friends a user has created, and should only be requested if your application utilizes lists of friends.

read_insights not available Provides read access to the Insights data for pages, applications, and domains the user owns.
read_mailbox not available Provides the ability to read from a user's Facebook Inbox.
read_requests not available Provides read access to the user's friend requests
read_stream not available Provides access to all the posts in the user's News Feed and enables your application to perform searches against the user's News Feed
xmpp_login not available Provides applications that integrate with Facebook Chat the ability to log in users.
ads_management not available Provides the ability to manage ads and call the Facebook Ads API on behalf of a user.
user_checkins friends_checkins Provides read access to the authorized user's check-ins or a friend's check-ins that the user can see.
user_address not available Provides read access to user's address listed in their profile.
user_mobile_phone not available Provides read access to user's mobile phone listed in their profile.

Page Permissions

Permission Description
manage_pages Enables your application to retrieve access_tokens for pages the user administrates. The access tokens can be queried using the "accounts" connection in the Graph API. This permission is only compatible with the Graph API.
Personal tools
Namespaces
Variants
Actions
Navigation
Graph API
FQL
Toolbox