0

Using the Facebook API, you can get back the post ID of a Facebook share, even if the user has not authorized your app.

The post ID is prefixed by your user ID, and separated by an underscore.

FB.ui({
    method: 'feed',
    name: 'People Argue Just to Win',
    link: 'http://www.nytimes.com/2011/...',
}, function( response ){
    // Response gives you :
    // { post_id: "[fbUserId]_346759642059572" }
});

To me it looks like Facebook is using this programmatically, rather than with the idea of providing us the userId out of the kindness of their hearts. But it's extremely tempting to use.

I'm a little rusty on permissions - if there is a way to get back all the users that have liked/shared a specific URL, and not just a count, then this should be okay.

But the question remains, is it acceptable to use?

EDIT:

Now that I think about it, you can access the user ID by making an anonymous call to https://graph.facebook.com/[postId] but ONLY if the post was made public.

Luke
  • 799
  • 8
  • 11

2 Answers2

1

If you get a response from FB, it means that you have already ask the user for the required permissions,
so yes you can use the data returned from Facebook as you like, but you always have to inform the users how you use those data.

Philip
  • 5,011
  • 2
  • 30
  • 36
  • to add this Philip, i am referring to all public data that can be pulled from graph api with out user perms, such as name and id. – ShawnDaGeek Jun 09 '12 at 22:07
  • The sample in the question doesn't require authorization - so the user hasn't given the application any permissions. Essentially, I am able to access their ID without their consent, and therefore their name and photograph (via a public api call). Normally, you can only determine a user id after they authorize your app. – Luke Jun 10 '12 at 10:29
  • You are correct @Luke, to authorize an app, a user must approve to share some public data with the app. "Your basic info" – Philip Jun 10 '12 at 13:14
0

You can only cache user data if you have permission or it is necessary for the function of your app. Using the like button you can subscribe to edge.create and cache the response from the like.

refer to: http://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/

II. Storing and Using Data You Receive From Us

You will only request the data you need to operate your application. You may cache data you receive through use of the Facebook API in order to improve your application’s user experience, but you should try to keep the data up to date. This permission does not give you any rights to such data.

in my app i store the id of every page or user that is viewed to speed up page load times and count page views. Seems with in the scope of Policy as long as i am not sharing the info with 3rd parties or making public what a user has set to non public.

ShawnDaGeek
  • 4,145
  • 1
  • 22
  • 39