Facebook API授权-一次登录,多个域 [英] Facebook API authorization - one login, multiple domains
问题描述
我们的应用程序为多个客户运行多个站点.我们提供的一项服务是为客户编写和发布社交媒体.我们还允许客户通过应用程序管理员自行发布信息.
Our application runs multiple sites for multiple customers. One service we offer is to write and post social media for our customers. We also allow the customers to do posts themselves through the application admin.
为了给客户提供非自动化的帖子,我们的一位用户可以通过她的Facebook登录访问许多客户的页面.
In order to facilitate the non-automated posts for customers, one of our users has access to the pages of many customers through her Facebook login.
如果她使用我们的应用程序通过客户网站的管理区域生成身份验证令牌,就会出现问题.
The problem comes if she uses our application to generate an auth token through the admin area of the customer's site.
应用程序将其自己的appID和密钥发送给Facebook,并且用户会收到Facebook登录页面.
The application sends its own appID and secret key to Facebook, and the user receives the Facebook login page.
但是,她曾经能够选择希望登录的页面/客户.现在,一旦提交了登录数据,Facebook会立即将令牌发送回返回URL".没有机会选择身份验证所针对的Facebook页面.
However, she used to be able to choose which page/customer she wished to log in to. Now, once the login data is submitted, Facebook immediately sends a token back to the "return URL." There's no opportunity to choose which Facebook page the auth is for.
令牌似乎已链接到用户的主页"页面(这是我们的页面).
The token appears to be linked to the user's "main" page (which is a page of ours).
显然,我们需要能够说我正在登录到获得授权的多个页面中的X页面".
Obviously, we need to be able to say "I'm logging in to Facebook page X of the many pages I'm authorized for."
请明确说明:这通常不是与我们的应用程序授权有关的问题.当Facebook登录名附加到多个页面时,就是这种情况.
Just to be clear: this is not an issue regarding authorization for our application in general. It's the specific case when the Facebook login is attached to multiple pages.
任何人都可以给我一些建议,即使它只是指向API文档中适当位置的链接也可以吗?我没有运气去搜索它们.
Can anyone give me some advice, please, even if it's just a link to an appropriate spot in the API docs? I've had no luck searching them.
谢谢
汤姆
首先,关于多个域"的问题:也许我不应该在标题中加上它,因为它与Facebooksé无关,
First, to the question about "multiple domains": perhaps I shouldn't have put that in the title, since it's not relevant to Facebook per sé,
我们接待了许多显然拥有多个域的客户.他们通过CMS管理其网站内容,该CMS可以与Facebook合作.客户经常有一个Facebook页面;因此至少对于我们来说,客户的网站/域与她/他的Facebook页面之间通常存在一一对应的关系.
We host many clients who obviously have many domains. They administer their site content through a CMS which can, among other things, work with Facebook. A client often has a Facebook page; so for us at least, there is often a one-to-one correspondence between a client's site/domain and her/his Facebook page.
当某人通过相关流程时,他/她正在管理该网站,但可能试图将其发布到Facebook页面.我们的一位内部管理员可以访问许多客户的Facebook页面.
When someone goes through the process in question, s/he is administering the site, but may be attempting to post to a Facebook page. And one of our in-house admins has access to many clients' Facebook pages.
因此,我重新措辞:管理员登录到客户端的站点.她试图授权我们的应用程序发布到该客户的页面.我们的应用程序将其ID/密钥数据发送到Facebook,然后将她带到登录页面.
So let me rephrase: the admin logs in to a client's site. She attempts to authorize our application to post to that client's page. Our application sends its id/key data to Facebook, and she is taken to the login page.
问题是,我们如何让Facebook知道我们正在寻求授权才能发布到她可以访问的许多帐户/页面之一?
The question is, how do we let Facebook know that we are seeking authorization to post to one of the many accounts/pages she can access?
感谢您的帮助.
推荐答案
正如CBroe在评论中指出的那样,如果要发布为页面,则需要具有您所管理页面的页面访问令牌.向应用程序授予 manage_pages 权限后,您可以调用/me/accounts 边缘以获取所有页面访问令牌进行发布代表页面.注意:您必须具有 publish_pages 权限,才能代表该页面发帖.权限记录在此处.
As pointed out by CBroe in the comment, if you want to post as a page, you need to have a page access token of the page that you admin. Once you have granted manage_pages permission to the app, you can call the /me/accounts edge to get the list of all pages that you admin and their access tokens.
You can then use the page access token of the page to post on behalf of the page. Note: You will need publish_pages permission in addition to be able to post on behalf of the page. Permissions are documented here.
这篇关于Facebook API授权-一次登录,多个域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
