Using Node.js to Interact with Facebook’s Graph API

Facebook has a JavaScript SDK for interacting with their Graph API, but it’s for client-side JavaScript – there is no Node.js SDK.Although there are several NPM packages for working with Facebook’s Graph API, no NPM package seems to be as mature as packages for other social media platforms like Twit for the Twitter API. The best of the few seems to be facebook-node-sdk, but I hesitate to rely on it for a business critical app.The Graph API docs have no examples using vanilla JavaScript (although there are a few examples using their client-side SDK)

This blog post is filled with useful examples using Node/Express!
Contents:
-Authorization & Access Tokens
-Querying the Search Route
-Querying a Single Graph Object
-Querying for the Pages a User Manages
-Posting Content.

1. Authorization & Access Tokens
To get started, you need an access token obtained through Facebook authentication. If you have an access token at your disposal, you can skip the rest of this section. If you need to get one, read on

Generally, an app acquires a user access token through an authentication procedure. Passport.js is a great authentication package for Node.js apps.The Passport.js Facebook authentication strategy comes with a very useful demo app that uses Express.js. If you need to acquaint yourself with Passport, this repo is a great place to start.

Getting a token
Unfortunately, it isn’t as easy as merely firing up the example linked to above and authenticating. You must to have an app registered with Facebook. Instructions for doing so can be found here.

Once you have a registered app, you’ll need to use the app_id and app_secret in the config file of your authentication app. Adjust the code in the demo app so you console.log() the returned access token, as you’ll need the token for the requests outlined below.

Getting POST permissions
No all access tokens are created equal. If you intend to post to a user’s feed or to a page managed by a user, you need to specifically ask for ‘publish_actions’ and ‘manage_pages’ permissions through a scope object in your authentication.

When you ask for these permissions, a user logging in will see a prompt stating your app is requesting these permissions. If the user clicks the okay button, an access token with the specified permissions is generated

Facebook’s App Review Process
Without submitting your app to an official FB review process, the above code will only give you ‘public_profile’ access. To request additional permissions you have to prove that you’re a well-intentioned developer with a well-intentioned app.For the right to obtain access tokens with additional permissions, you’ll have to fill out the ‘App Review’ section of your app’s settings page in the Facebook Developers website.

The review process is quite an endeavor, and requires you to describe your app and submit a video walk-through of how your app is used.

2. Graph API Search
If have an access token, you’re ready to get startedAlthough the Node/Express route is a POST route, the request we are sending to the Graph API is a GET.For the app we are building, the value assigned to searchType could be ‘page’ or ‘user’, and each type will return different properties. In reality, the search Type could be any of the objects listed above.

Notice the the fields property and the userFieldSet and pageFieldSet constants. When searching pages, the code above requests the ‘name, category, link, picture, is_verified’ fields to be returned. These are all part of the page public profile and do not require special permissions.The fields requested when searching users are part of the user public profile. Although these fields are all publicly available, this data will not be returned unless specified in the fields property of the request.

The Graph API’s search end point only returns publicly available information (I think), and there’s a good chance that you’ll want more than this; you’ll probably want the additional information your user access token permits you.

3. Querying a Single Graph Object
This section covers what you’ll need to do to get information about a single object. The section starts with querying a single user, and ends with querying a single photo.

When querying the search route (see above), an id is returned regardless of the object type and fields specified. You need this id to make a single object request(e.g. ‘page’, ‘user’, ‘event’, ‘photo’, ‘post’, etc.).

Below is an example of querying a single user by id.

Permissions: If you have a Graph object’s id, you can request detailed data as long as the access token you’re using has permissions for the fields you are requesting.

Although a lot of information is returned, much important information is left out. For example, no urls are provided for the photos in my photo library. To get a photo’s url, you have to ask for the link field of the photo. photos is a field of a User node; link is field of photo. To get the link of each photo in our response, we need to request a field (link) of a field (photo).

The syntax for requesting the field of a field is field{nestedField}. To request more than one nested field, separate them by commas like so: field{nestedField1, nestedField2, nestedField3}. While we’re on the topic of cool syntax to work with the Graph API, there’s also a way to limit the number of items returned

4. Querying for the Pages a User Manages
This request is probably not one you need to use very frequently, but if your app needs to manage the pages for which the user has admin permissions, this example will be useful.

In the example below, notice the fields property is not included because the data you’re requesting is implicit in the url.The user query in section #3 above also returned this information because the user access token that is used has permissions for this information, and ‘accounts’ is specified in the fields property of the request.

If you have accounts permissions, and only want a list of accounts the user manages (rather than all user data), then this is the query you want to perform.