Facebook: How To Get API Access
Facebook: How To Get API Access
Facebook (and Instagram) is one of the most popular digital marketing channels out there today. With lots of granular targeting options, it's a great way to reach your target audience.
Facebook also has a very powerful API, which you can use to extract campaign data or automate your processes. However, if you don't know how the authentication system works, it can be a bit tricky to get started. Here is a guide on how to create an app, system user and generate the access token you need to make calls to the API.
What You'll Need:
- A personal Facebook account
- A Facebook Business account that you are an admin of and has gone through Business Verification
First, go to developers.facebook.com.
In the top right corner, select "My Apps" and then "Create App". Give your app a display name the represents what it will do (your email should be pre-populated, but if you want a different point of contact such as a mailing list, change this now).
You now have your app! This will be used to make your API calls.
We can ignore the Dashboard page for now, so on the left hand navigation, hit Settings and then Basic.
We'll now need to fill in some basic details about our App and business for Facebook to verfiy. Enter your organisations Privcy Policy URL and Terms Of Service URL, upload a logo, choose a category (this will usually be Business & Pages) and select whether you are using your app for your own business or to provide services to other businesses.
Next, under Settings in the left hand nav, hit Advanced. We don't need to do too much here, but just scroll down to the Business Manager section and select the Business Manager you'd like this App to be associated with (you'll need to be a Business Manager Admin to do this).
Finally, scroll down to the bottom of the page and hit "Add Platform", select "Wesbite" and enter your companies URL.
Now our App is associated with our Business Manager, we need to request the relevant Permissions and Features for it so we can access Ad data. Hit App Review in the left hand navigation and then Permissions and Features.
Here, you'll see a list of all the possible Permissions and Features you can request, with explanations of what each means. There is nothing stopping you from requesting all of them! But the basic permissions you'll need to access your ad data is ads_read and to make changes ads_management (ads_management also requires manage_pages access so you'll have to apply for this as well).
To request any permissions, simply hit Request on the far right of the permission you need. You can then hit Continue to be taken to that request. Here, you'll see a checklist of what you need to do (including some of the steps above if you skipped them).
The most important things to note when filling in these forms are as follows:
- If you are simply using the API to gather data on ad performance and/or make changes based on that, you will not need to create a login (examples of these are when you create online games that people log in with their Facebook account to play).
- This does mean that you'll have to explain this to Facebook when they complete their review of your request. You can tell them that you're simply using the App for server to server integrations for ad data as below, though make sure you add more details for your specific case than I have in my example!
- You also must submit a video of the user experience for your app...tricky when, as we've said, users won't see it or log in! Here, I tend to share a screen recording of a dummy report/tool you hope to create using the API. You can do this very easily on Macs or use Screencastify for Google Chrome.
Once you have completed all the fields required, you can Submit for Review! It will usually take about a week for Facebook to get back to you. Hopefully this will be a notification of approval, but they may sometimes reach out for more details. If you're struggling with what they've asked, I'm always happy to offer help - message me on LinkedIn or drop me a note at firstname.lastname@example.org.
We're almost there, promise! Now we're done with the App for now, open Facebook Business Manager. If you have access to more than one Business, select the one you're creating API access for and then use the menu button in the top left corner of the page (next to the Facebook logo) to open the main nav and select Business Settings.
First, check that our App has been created for this business by selecting Apps from the left hand navigation (it should be under Accounts). If you can see your App here, there's nothing to do and you can skip the rest of this paragraph. If not, find the blue "+ Add" button, press and then select "Add an App". In a new tab, go back to your App page (on developers.facebook.com) click the App ID to copy it to your clipboard and then paste it into the form Facebook Business Manager has loaded. This should now associate the App with your Business Manager.
Once we've confirmed that, in the left hand nav, select "System Users" (under Users). Here we will create a virtual user, that will be used to control which Ad Accounts we can access through the API, saving us from using a personal account which may be compromised/someone who leaves our business.
Find the blue "+ Add" button, press it, give your System User a name and leave Role as employee.
Your new System User should now appear in the list. Select this user and then hit "Add Assets".
In the popup you can select exactly which permissions you want to grant the System User (and therefore whoever is using the tools you're going to create using the API) for pages, ad accounts, catalogues and apps. Select the permissions you need for each and then hit Save Changes.
Last Step! Next to the Add Assets and Revoke Tokens buttons, you should see Generate New Token. Hit this button, select the App we've created and had approved, and the permissions you'd like to approve for this token. You'll recognise them as the same list we could apply for during our App creating process - so go back and request any you might want but missed earlier.
Once you've selected the permissions, hit Generate Token and there we go! You now have a Facebook API access token which you can use to call the API for any use you can dream of! Make sure you keep this token safe and secure, as anyone who has it can now use the API to access your pages, campaigns and data. It's a good idea to come back regularly, Revoke Tokens and then generate a new one so you know exactly where it is being used for what.
Remember also, using this token you can only access pages and accounts that have been assigned to your System User - so if you get authentication issues, double check that first.
I hope this has helped set you on your way to automating your Facebook processes and you can create all kinds of interesting tools. Don't hesistate to reach out to me (LinkedIn or email@example.com) with any questions, or if you would like to work with Adcessible to create some amazing tools to help manage your Facebook activity.