I have an Android app that uses the 'publish_actions' and 'user_photos' permissions to create photo albums on Facebook. I have already applied and been approved for 'publish_actions'. However, it will not let me apply for the 'user_photos' permission, because it says my app has not used this permission in the last thirty days.
My app does in fact use this permission. I have successfully published albums repeatedly from developer accounts and test user accounts. This only works if I use the 'user_photos' permission. If I try to create an album when I haven't requested 'user_photos', it doesn't work
Yet it still says I'm not using this permission. And I didn't have this problem with the 'publish_actions' permission; it was able to recognize that I was using it.
What do I need to do to make this permission available for applying? It almost seems like creating an album "requires" the permission, but does not "use" it.
I've heard some suggest that you need to be using the app owner's account, but again, this was not necessary for 'publish_actions'.
I solved this problem by changing the functionality of my app. Now my app reads in a user's albums, and appends photos to the album if it already exists. Doing so results in Facebook recognizing the use of the permission, which allows me to apply for it.
Overall, this still seems like a bug on Facebook's end.
You don't need the user_photos permission to publish photos, only publish_actions. You do need user_photos to be able to read (and get) the photos that a user has uploaded.
You, as an admin on the app, is allowed to grant any permissions you want to your app (since you'd need to be able to do that for development). Users who are not in an admin/dev/test role in your app will not be able to use any features that require additional permissions until your app is approved.
Related
I have built an app that use different kind of permissions like location, contacts etc.
Not all the permissions are used by all the users, instead each user only needs the permissions related to the features he/she is using it.
My question, should I ask all the permission on startup for all users or can I add them gradually while using the app and only when needed?
Thanks
If a user doesn't know why they need to accept a specific permisson, they may be suspicious and refuse (eg. camera).
If they click on a functionnality like 'Scan code' they will know why they are being asked for that permission and accept.
If you asked beforehand and the user refused, when you get to the part where you need that permission, it won't work. This is why they changed it to dynamic permissions in Android 6.
I have an app that reads the call log and count the SMS messages to make statistics as graphic charts, and the app requires SMS permissions and phone call log permission, and when i uploaded it on google play store ,I didn't find the approbate choice from the permissions declaration list , so i send through Google play console why i'm using these permissions and i explained to them how my app works and what it does, and the message to them was this :
"The App uses the permissions selected above to count the numbers or SMS and read phone calls log to show statistics to the user as a graphic charts.The App doesn't read, send, or receive SMS , violate user privacy or backup/store any personal information."
and they replied after days:
"We reviewed your exception request and found that it does not qualify for use of the requested permissions.
Per the Permissions policy, you may only request permissions that are necessary to implement critical current features or services in your application. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes."
any suggestions?
Screenshots:
https://cdn1.imggmi.com/uploads/2019/6/6/baa1a74029f0da2564a3f596d525ec33-full.png
https://cdn1.imggmi.com/uploads/2019/6/6/4a4b61f5d5470520a0a55eba35a642ac-full.png
You cannot upload your app on Google Play store unless they grant you permission after you explain them why you actually need access to the data.
Google has started removing apps which use SMS or Call Log permission, which they consider dangerous, and will send notice to developers 90 days prior about sending a Permission Declaration form, which if accepted by Google will make your app visible in the Play Store.
They clearly state in their blog post:
Our new policy is designed to ensure that apps asking for these
permissions need full and ongoing access to the sensitive data in
order to accomplish the app's primary use case, and that users will
understand why this data would be required for the app to function.
So, they'll accept your app:
If you remove the permissions mentioned above.
If the permissions are appropriate for the primary use case of the app.
Also, if your app is useless without these permissions, and Google's review team isn't granting you permission to publish on Play Store, you can do nothing about it, except maybe publish your app on different App Stores.
Please Go through
https://android-developers.googleblog.com/2019/01/reminder-smscall-log-policy-changes.html
Google has restricted apps with sms and call log permissions.
I am creating an application that needs posting on the timeline of User, and to make the test development I always used an App ID I had already created for some time and it works normal. However, I had to create a final version of the application so that does not work and created the same way I created the test App ID. Afterwards, I came across what appears to be a new privacy policy of Facebook "Submit Items for Approval" is my doubt.
Is really necessary from now when creating a new application has to submit revision of Facebook to be able to have permission "publish_actions"?
If you want your app to be accessible to the public, aka publish on a random user's timeline, you now need to request for publish_actions permission. You can read all about permissions here: https://developers.facebook.com/docs/facebook-login/permissions/v2.0
I'm currently integrating an android app with the new Android Facebook 3 SDK.
I've got it working, but I've noticed that in "My Apps" on facebook it states that the app needs to post on my behalf to my friends. This is not a requirement for this app and I have not specifically requested any extra permissions. I have noticed that a number of other apps in my app centre can only post to "only me".
How do I remove the need for this permission?
You can use the setReadPermissions() of the LoginButton class for this.
this will only set the read permissions.
to set publish permissions you need to use setPublishPermissions().
the login button can only be associated with one of these at a time.
If you see that your app has publish permissions in your facebook settings, that means at some point you have authorized the app for publish permissions.
If you want to remove it from your settings, you can either remove the app, or remove just the "Post on your behalf" permission (in your facebook settings).
Then, you can change your app to only request read permissions, and not publish permissions. You cannot remove permissions from the app directly, you can only request more.
I am actually preparing to release an app using the device google account to authenticate on Google App Engine server.
To do that, I need those permissions :
USE_CREDENTIALS : obviously
INTERNET : obviously
GET_ACCOUNTS : to ask the user to select one of the google accounts registered on his phone.
My problem is with GET_ACCOUNTS : I think it's quite intrusive to ask this permission along with INTERNET : I would be able to get all his accounts (google, facebook, etc...) and send them to my server (I won't do that of course !). But I fear this permission may scare users, and they may not download my app...
I had the idea to report this permission to an other app, which wouldn't have INTERNET permission. This app would be called with an intent, and return only the account chosen by the user. And then, my main app don't need GET_ACCOUNTS anymore.
The source code is there : http://code.google.com/p/account-chooser/
It's quite simple (only one screen)
To send an intent to this app I use a utility library like IntentIntegrator from ZXing. If my "account chooser" app is not present on the device, it asks the user to download it from market.
What do you think about that ? Is it a good idea ? Am I right to bother the user with downloading a mysterious app he may not understand the usefulness ? Or should I just use GET_ACCOUNTS permission in my main app without questionning myself about privacy ?
So instead of just asking for the GET_ACCOUNTS permission within your app, you plan to request it in another app and in turn expose that information to any other app on the device (via an intent).
Stick with asking for the GET_ACCOUNTS permission within your app and be done with it. Speaking from experience, if an app I downloaded forced me to install yet another app just to get some functionality out of it, well.. you know what happens next :)