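By default, an authorized application can access only the user's Basic Information. To access anything beyond that, it must obtain additional permissions.
If an application accesses user information that requires an additional permission without having obtained it, the response comes back with HTTP status 200 and either empty data such as
{"data":[]}
or a response such as
{"error":"(#200) The user hasn't authorized the application to perform this action"}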
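When sending the user to the application's authorization page, specify the kinds of permissions required in the scope parameter. Multiple permissions can be given as a comma-separated list.
https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=REDIRECT_URL&scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES
In the OAuth Dialog, the additional permissions are displayed as in the area outlined in red.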
You can retrieve the list of permissions already granted by sending a request to the following URL.
https://graph.facebook.com/me/permissions?access_token=USER_ACCESS_TOKEN
The response is returned in a form such as
{"data":[{"installed":1,"user_status":1}]}
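The following is an added example, not code from the original page or from Facebook. It ties together the scope parameter, the /me/permissions response, and the two "permission missing" response shapes described above: it requests only the permissions that are not yet granted and inspects the body instead of trusting the HTTP status. The function names, the example.com redirect URI, and the handling of an error object with a "message" field are assumptions.

```python
import json
from urllib.parse import urlencode

DIALOG_URL = "https://www.facebook.com/dialog/oauth"

# Response bodies in the shapes shown on this page.
PERMISSIONS_BODY = '{"data":[{"installed":1,"user_status":1}]}'
EMPTY_BODY = '{"data":[]}'
ERROR_BODY = ('{"error":"(#200) The user hasn\'t authorized the '
              'application to perform this action"}')


def granted_permissions(permissions_body):
    """Names from a /me/permissions body whose value is 1 (granted)."""
    data = json.loads(permissions_body).get("data") or [{}]
    return {name for name, value in data[0].items() if value == 1}


def build_auth_url(app_id, redirect_uri, required, permissions_body=None):
    """OAuth Dialog URL whose scope lists only permissions not yet granted."""
    have = granted_permissions(permissions_body) if permissions_body else set()
    missing = sorted(set(required) - have)
    query = {"client_id": app_id, "redirect_uri": redirect_uri}
    if missing:
        query["scope"] = ",".join(missing)  # comma-separated, as above
    return DIALOG_URL + "?" + urlencode(query)


def classify_response(body):
    """HTTP 200 alone is not success: inspect the body for the two shapes."""
    doc = json.loads(body)
    error = doc.get("error")
    if error is not None:
        # The page shows a string; an object with "message" is an assumption.
        text = error.get("message", "") if isinstance(error, dict) else str(error)
        return "not_authorized" if text.startswith("(#200)") else "error"
    if doc.get("data") == []:
        return "empty"  # possibly a missing permission, possibly no data
    return "ok"


if __name__ == "__main__":
    wanted = ["user_status", "user_photos", "email"]
    print(build_auth_url("APP_ID", "https://example.com/cb", wanted, PERMISSIONS_BODY))
    for body in (EMPTY_BODY, ERROR_BODY, PERMISSIONS_BODY):
        print(classify_response(body))
```

An "empty" result is ambiguous by itself, so compare the required permissions against /me/permissions before concluding that the user simply has no data.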
Users can review the permissions they have granted to an application in App Settings.
They are listed under "This app needs", which appears when you click [Edit] to the right of the application name.
Permission ※1 | Access granted |
---|---|
_about_me | the "About Me" section of the profile in the about property |
_activities | the user's list of activities as the activities connection |
_birthday | the birthday with year as the birthday property |
_checkins | Provides read access to the authorized user's check-ins or a friend's check-ins that the user can see. This permission is superseded by user_status for new applications as of March, 2012. |
_education_history | education history as the education property |
_events | the list of events the user is attending as the events connection |
_groups | the list of groups the user is a member of as the groups connection |
_hometown | the user's hometown in the hometown property |
_interests | the user's list of interests as the interests connection |
_likes | the list of all of the pages the user has liked as the likes connection |
_location | the user's current location as the location property |
_notes | the user's notes as the notes connection |
_photos | photos the user has uploaded, and photos the user has tagged |
_questions | the questions the user or friend has asked |
_relationships | the user's family and personal relationships and relationship status |
_relationship_details | the user's relationship preferences |
_religion_politics | the user's religious and political affiliations |
_status | the user's status messages and check-ins. (See location_post for how this permission affects location information associated with posts.) |
_subscriptions | the user's subscribers and subscribees |
_videos | the videos the user has uploaded, and videos the user has been tagged in |
_website | the user's web site URL |
_work_history | work history as the work property |
email | the user's primary email address in the email property. Do not spam users. Your use of email must comply both with Facebook policies and with the CAN-SPAM Act. |
※1 The exact permission name takes the form user_xx for User permissions and friends_xx for Friends permissions. The one exception is email, which is written email and is valid only as a user permission.
Permission | Description |
---|---|
read_friendlists | Provides access to any friend lists the user created. All user's friends are provided as part of basic data, this extended permission grants access to the lists of friends a user has created, and should only be requested if your application utilizes lists of friends. |
read_insights | Provides read access to the Insights data for pages, applications, and domains the user owns. |
read_mailbox | Provides the ability to read from a user's Facebook Inbox. |
read_requests | Provides read access to the user's friend requests |
read_stream | Allows access to, and search of, all posts in the user's News Feed. |
xmpp_login | Provides applications that integrate with Facebook Chat the ability to log in users. |
ads_management | Provides the ability to manage ads and call the Facebook Ads API on behalf of a user. |
create_event | Enables your application to create and modify events on the user's behalf |
manage_friendlists | Enables your app to create and edit the user's friend lists. |
manage_notifications | Enables your app to read notifications and mark them as read. Intended usage: This permission should be used to let users read and act on their notifications; it should not be used for the purposes of modeling user behavior or data mining. Apps that misuse this permission may be banned from requesting it. |
user_online_presence | Provides access to the user's online/offline presence |
friends_online_presence | Provides access to the user's friend's online/offline presence |
publish_checkins | Enables your app to perform checkins on behalf of the user. |
publish_stream | Allows the application to post content, comments, and likes to the streams of the user and the user's friends. This is a superset of permissions that also includes publish_actions. However, please note that Facebook recommends a user-initiated sharing model. Please read the Platform Policies to ensure you understand how to properly use this permission. Note, you do not need to request the publish_stream permission in order to use the Feed Dialog, the Requests Dialog or the Send Dialog. |
rsvp_event | Enables your application to RSVP to events on the user's behalf |
Permission ※1 | Description |
---|---|
publish_actions | Allows your app to publish to the Open Graph using Built-in Actions, Achievements, Scores, or Custom Actions. Your app can also publish other activity which is detailed in the Publishing Permissions doc. Note: The user-prompt for this permission will be displayed in the first screen of the Enhanced Auth Dialog and cannot be revoked as part of the authentication flow. However, a user can later revoke this permission in their Account Settings. If you want to be notified if this happens, you should subscribe to the permissions object within the Realtime API. |
_actions.music | Allows you to retrieve the actions published by all applications using the built-in music.listens action. |
_actions.news | Allows you to retrieve the actions published by all applications using the built-in news.reads action. |
_actions.video | Allows you to retrieve the actions published by all applications using the built-in video.watches action. |
_actions:APP_NAMESPACE | Allows you to retrieve the actions published by another application as specified by the app namespace. For example, to request the ability to retrieve the actions published by an app which has the namespace awesomeapp, prompt the user for the user_actions:awesomeapp and/or friends_actions:awesomeapp permissions. |
_games_activity | Allows you to post and retrieve game achievement activity. |
※1 The exact permission name takes the form user_xx for User permissions and friends_xx for Friends permissions. The one exception is publish_actions, which is written publish_actions and is valid only as a user permission.