The Facebook Graph API is a way to get information from Facebook data. Using the HTTP REST API, clients can do a variety of tasks such as query data, post updates and pictures, get albums and create albums, get the number of likes for a node, get comments, and so on. The following section covers how to get access to the Facebook Graph API.
Note
On the Web, Facebook uses a variant of the OAuth 2.0 protocol for authentication and authorization. The native Facebook App is used on iOS and Android.
To use the Facebook API, the client needs to procure an access token to work with OAuth 2.0. The following steps show how to create the App ID and secret key and then get the access token to execute queries for Facebook data:
Go to developers.facebook.com/apps. You can create a new app. Once the app is created, you will be assigned the App ID and secret as shown in the following screenshot:
Once you have the App ID and secret, you can get the access token and execute queries for Facebook data.
To post a message, the user can invoke a simple API as shown:
POST /graph.facebook.com/me/feed?message="foo"&access_token="…."
To get details of your ID, name, and photos using the Graph Explorer, the query is as follows:
https://developers.facebook.com/tools/explorer?method=GET&path=me%3Ffields=id,name
The following screenshot shows a Graph API Explorer query with node dalailama. Clicking on the ID gives more details for the node.
Thus, we saw how to use the Graph API Explorer application to build up a query for a node in the Social Graph. We can query by various fields such as ID and name and try using methods such as GET, POST, or DELETE.
The following table summarizes the commonly used verbs in the Facebook Graph API:
Verb | Description |
---|---|
GET | This is used to retrieve resources such as feeds, albums, posts, and so on |
POST | This is used for creating resources such as feeds, posts, albums, and so on |
PUT | This is used for replacing resources |
DELETE | This is used for deleting resources |
The Graph API currently uses version 2.1, released on August 7, 2014. The client can specify a version in the request URL. If a client does not specify a version, the Facebook Open Graph API defaults to the latest version available. Every version is guaranteed to work for 2 years; after that, any calls a client makes using an older version are redirected to the latest version of the API.
The following snippet shows the error response from a failed API request:
{ "error": { "message": "Message describing the error", "type": "OAuthException", "code": 190, "error_subcode": 460 } }
As shown in the preceding code, the error object contains the fields code and error_subcode, which can be used to figure out what the problem is and what the recovery action will be. In this case, the value of code is 190, which is an OAuthException value, and the error_subcode value of 460 indicates that the password may have changed and hence the access_token is not valid.
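The recovery step described above can be sketched as follows. This is an added example, not code from the original text or from Facebook: it maps the error body to an action, drops the rejected token from a local cache, and masks access_token in the URL before it is logged. The function names, the token cache, and the rule that any code 190 means the token must be discarded are assumptions of the example.

```python
import json
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

OAUTH_EXCEPTION_CODE = 190       # "code" in the error response above
SUBCODE_PASSWORD_CHANGED = 460   # "error_subcode" in the error response above


def redact_token(url):
    """Mask access_token in a request URL so it never reaches a log file."""
    parts = urlsplit(url)
    query = [(k, "REDACTED" if k == "access_token" else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def classify_error(body):
    """Return (action, reason); action is "reauthenticate" or "report"."""
    try:
        error = json.loads(body)["error"]
        code, subcode = error.get("code"), error.get("error_subcode")
    except (ValueError, KeyError, TypeError, AttributeError):
        return "report", "unparseable error body"
    if code == OAUTH_EXCEPTION_CODE:
        if subcode == SUBCODE_PASSWORD_CHANGED:
            return "reauthenticate", "password changed, token no longer valid"
        # Assumption: any other 190 also means the token was rejected.
        return "reauthenticate", "OAuthException, subcode %s" % subcode
    return "report", "%s (code %s)" % (error.get("message"), code)


def handle_failure(url, body, token_cache, user_id):
    """Drop a rejected token from the cache and build a token-free log line."""
    action, reason = classify_error(body)
    if action == "reauthenticate":
        token_cache.pop(user_id, None)  # never retry with a rejected token
    return action, "graph call failed url=%s action=%s reason=%s" % (
        redact_token(url), action, reason)


if __name__ == "__main__":
    # Constructed sample data: the error body from the text, a made-up token.
    body = ('{"error": {"message": "Message describing the error", '
            '"type": "OAuthException", "code": 190, "error_subcode": 460}}')
    cache = {"user-1": "constructed-token"}
    url = ("https://graph.facebook.com/me/feed"
           "?message=foo&access_token=constructed-token")
    print(handle_failure(url, body, cache, "user-1"))
    print(cache)
```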
The Facebook Graph API has different rate-limiting policies based on whether the entity using the API is a user, an application, or an advertisement. When the calls from a user exceed a limit, there is a 30-minute block-out period for the user. For more details, check https://developers.facebook.com/docs/reference/ads-api/api-rate-limiting/. The next section covers the details of the Twitter REST API.