Facebook Graph API /me?access_token=... keeps returning empty JSON for valid access token
I'm developing an app that will make use of the Business On Behalf Of API (https://developers.facebook.com/docs/marketing-api/business-manager/guides/on-behalf-of#bm-client). Based on the steps in the documentation above, I was able to progress with regards to login (step 0), creation of the partnership between the BMs (step 1), generation of the access token for the client's BM system user (step 2) and I am stuck in obtaining the system user identification number (step 3) through the following request:
curl -i -X GET
"https://graph.facebook.com/v19.0/me?access_token=<CLIENT_BM_SU_ACCESS_TOKEN>"
I have a valid system user token, with all desired permissions and attributes, validated through the Access Token Debugger (https://developers.facebook.com/tools/debug/accesstoken/?access_token=...&version=v19. 0). However, the request to get this user's id continues to return an empty json as a response.
Request made: curl --location 'https://graph.facebook.com/v19.0/me?fields=id&access_token=...'.
The response is always {} (empty json).
My app's permissions at login are: pages_read_engagement business_management ads_management
The system user access token created in the customer's BM has the following permissions: ads_management pages_read_engagement
as the documentation suggests (I've already tested generating this token with other permissions, but the problem persists).
I tried to research whether it was a lack of permissions, but I couldn't find anything conclusive. I researched the app's settings and didn't get promising results either. I tested using both Login and Login for Business as a Product for my app, but there was no difference in relation to the problem. Making this same request with user or system user tokens, administrators or not, from my accounts and my BM works as expected (returns the user id), but when it is a system user of the client's BM, following the step the step of the Business Intermediation documentation, it doesn't work.
I need this id to assign the assets to this user and then have access to the client's pages. By manually obtaining the user ID through the debugger and following the other steps, it is possible to complete the entire process and carry out the intermediation as expected (manage the assets on behalf of another company). However, this step is not allowing me to automate the process 100% and will hinder the usability of my application. Am I missing something?
Use a permission "public_profile" while generating an access token.
The request I'm using to generate a new access token is POST /{business_id}/access_token with ads_management,pages_read_engagement on scope query param. Adding public_profile to scope gives the following error: ``` { "message": "Provided permission is not valid. Check your spelling and syntax.", "type": "OAuthException", "code": 3962, "error_subcode": 1690078, "is_transient": false, "error_user_title": "Permission not valid", "error_user_msg": "Provided permission is not valid. Check your spelling and syntax." } ``` Was it your suggestion?
Also, the generated token already has the public_profile permission according to Access Token Debugger (developers.facebook.com/tools/debug/accesstoken)
Ensure permissions are passed correctly as a comma-separated list in scope.
The requisition I was doing is curl --location --request POST 'https://graph.facebook.com/v19.0/{business_id}/access_token?scope=public_profile%2Cads_management%2Cpages_read_engagement%2Cbusiness_management&access_token=...&app_id=...' With public_profile on scope, it returns an error. Without it, the POST request returns success. And even without passing this public_profile permission, the token is generated with it according to Access Token Debugger (developers.facebook.com/tools/debug/accesstoken). So I think it's not the problem.