I'm encountering an issue with the Facebook Graph API where one of my users, User Chris, cannot list his Facebook pages despite being an administrator in Business Manager. Here's the breakdown:

Users:

User Hana

Access Token Permissions:

• email
• pages_show_list
• ads_management
• business_management
• leads_retrieval
• pages_read_engagement
• pages_manage_metadata
• pages_manage_ads
• public_profile

Behavior: Successfully lists pages using GET https://graph.facebook.com/v17.0/me/accounts

User Chris

Access Token Permissions:

• email
• pages_show_list
• ads_management
• pages_read_engagement
• pages_manage_metadata
• pages_manage_ads
• public_profile
• Missing Permissions:
• business_management
• leads_retrieval

Behavior: Fails to list pages using GET https://graph.facebook.com/v17.0/me/accounts

Additional Context:

User Chris is an administrator in Business Manager, and his pages are managed through it. When User Hana was directly added as an administrator to a page outside of Business Manager, that page started appearing in her API results. Both users obtain their access tokens via the standard OAuth flow, and the application has been approved for the necessary permissions except for User Chris's token, which lacks business_management and leads_retrieval.

Steps Taken So Far:

• Verified User Chris's role in Business Manager.
• Ensured the application requests all necessary permissions during authentication.
• Used the /debug_token endpoint to confirm User Chris's token permissions.
• Attempted to re-authenticate User Chris to obtain a new token, but the missing permissions persist.

Question:

Is there a specific configuration or additional step required to ensure that administrators in Business Manager, like User Chris, have their access tokens include the business_management and leads_retrieval permissions?

I’m working with the Facebook Marketing API to analyze playable ads. While querying playable content, I only get access to two fields: "id" and "name"

I noticed that some SDKs (python) reference fields like source_url and source_zip. But even using that doesn't give me the source.

Here’s what I’ve done so far:

GET /v21.0/{ad_account_id}/adplayables ?fields=id,name,source_url,source_zip &access_token=<ACCESS_TOKEN> 

The above call only returns a list of playable assets with only the id and the name fields. No source fields

My Questions:

1. Are the source_url and source_zip fields supported in the current API version?
2. If not, is there any alternative way to retrieve the HTML source files for playable ads?
3. Are there specific permissions or configurations required to access these fields, even as a page admin?

I implemented an android application and i am the administrator of a facebook group, i want to let my app's users post in my group using graph-api.

I created a business app in facebook developer console I used Graph API Explorer with v21.0 to post in the group using this endpoint: https://developers.facebook.com/docs/graph-api/reference/v21.0/group/feed#publish

In the requirements section, it's mentioned that publish_to_groups permission is required but with Graph API Explorer i can't find it in the list.

I tried with other permission: pages_show_list, pages_read_engagement and pages_manage_posts. But when i run this error is thrown:

(#200) If posting to a group, requires app being installed in the group, and \ either publish_to_groups permission with user token, or both pages_read_engagement \ and pages_manage_posts permission with page token; If posting to a page, \ requires both pages_read_engagement and pages_manage_posts as an admin with \ sufficient administrative permission

how can i achieve this requirement ?

update: Even when using a "Consumer"type app, the publish_to_groups permission is not listed.

Issue Description: While making an API call to {InstagramGraphApiID}/tags, we received a post that does not correspond to the photo tag account associated with the specified InstagramGraphApiID. As per the expected behavior, the API should only return posts that are explicitly linked to the provided tag account. However, the post retrieved appears to be unrelated, leading to inconsistencies in the data.
Expected Behavior: The {InstagramGraphApiID}/tags API should return only those posts where the photo tag matches the tag account associated with the given InstagramGraphApiID.
Actual Behavior: The API is returning a post where the photo tag does not match the specified InstagramGraphApiID, causing data inconsistency and incorrect association of posts.

Hi, I have been using Facebook Login for authentication into a Rails application, that uses omniauth and omniauth-facebook. Graph API is used only for user authentication. The integration has been implemented and working for more than a year. There are no issues with the integration itself, however I noticed a change in the flow. I would like to find out if this is intentional on the Facebook side or does this need tweaking on the application side.
When a user is already signed into Facebook in his browser and then he opens another tab in the same browser to sign into the Rails application, he clicks the Facebook icon and this click initiates a request to the Facebook and signs user into the Rails application.
During the integration and until quite recently, in above cases user would get a quick redirect to the Facebook and back to the Rails app, where he would be authenticated. So the entire authentication flow required user to click the Facebook icon in the Rails app. This applied only to cases when user is already signed into Facebook at the moment he clicks the Facebook icon in the Rails app. It's a different story if user is not signed into Facebook.
Recently I noticed that the flow described above has changed, now if a user who is already signed into Facebook clicks on the Facebook icon he is redirected to Facebook page with a modal, page url is something like https://www.facebook.com/privacy/consent/gdp/?params.....¶ms%5Bsteps%5D=%7B%22read%22%3A%5B%22email%22%2C%22public_profile%22%2C%22baseline%22%5D%7D¶ms%5Btp%5D=%22unspecified%22¶ms%5Bcui_gk%5D=%22%5BPASS%5D%3A%22¶ms%5Bis_limited_login_shim%5D=false&source=gdp_delegated
Modal on the page says: "Rails app is requesting access to: Your name and profile picture and email address." or "You previously logged in to Rails app with Facebook. Would you like to continue?"
And there are two buttons "Continue as Username" and "Cancel".
This requires the user to perform one more step in the authentication flow (click a continue button on this confirmation modal) and I would like to ensure seamless authentication as it was before so users don't have to provide this confirmation if they are already signed into Facebook within the same browser.
Unfortunately, I cannot recall exact date when the flow has changed but I remember the flow being seamless when I integrated it less than a year ago. I wonder if this is something intentionally enforced by Meta or is it something that can be fixed on my side?
Thank you.