Facebook App Review

When you create a Facebook application, users can authenticate and JFBConnect can fetch their email address, first name, last name and a few other basic details about the user. To get additional information about the user's profile or do more advanced features, you'll need to go through the Facebook App Review process to show why you want those permissions for your site.

Basic Scope

Scope is the word Facebook uses for each permission you can request from a user. By default, each application has the permission to read the following fields from a user after they authenticate on your site:

  • id - Unique identifier for the user
  • First Name
  • Last Name
  • Middle Name
  • Name - The full name of the user made up of the above 3 parts
  • Name Format - The person's name formatted to correctly handle Chinese, Japanese or Korean ordering
  • Profile Picture
  • Short Name - A shortened, locale-aware name for the person

Facebook is constantly changing. You can see the current list of available default fields in Facebook's Permissions Reference documentation.

Additional Scope

While configuring JFBConnect, some settings you choose may require additional scope to work. Profile fields like Current Location or Hometown Location, importing a user's last status update into another Joomla profile extension, or setting up any of the Channels feature all require additional scope to function.

JFBConnect offers a simple way to check which additional scope you have configured by going to the App Review section in the admin area. In the App Review area a list of the different configuration areas of JFBConnect are displayed along with the permissions configured by those sections:

  • Profiles - Shows any permissions required for authentication, including additional fields that are set up in the Profiles section to import into Joomla profile extensions.
    • These permissions will be requested from all users that authenticate on your site.
  • Channels - Permissions set up to post to or read a stream from a Facebook Page or Group.
    • These permissions will only be requested from users for whom you have set up a Channel. Most users will not see a request for these permissions.
  • Custom - Permissions manually set up in the Configuration -> Facebook section for custom development usage.
    • All users will see a request for the permissions set up here.

JFBConnect App Review Details

The Facebook App Review Process

It is recommended to request only the scope you require for your website. Please review each of the permissions in the JFBConnect -> App Review list to verify you really need them. Requesting unnecessary or unused permissions can prevent users from wanting to register on your site with Facebook and may cause Facebook to deny those permissions to be requested at all.

Once you have a list of scope that your app requires, you'll need to go through the Facebook App Review process. The App Review allows you to explain to Facebook what scope you want to request from your users, why you want to request them, and how your site will use the data that each scope provides.

Scope Selection

We suggest going through a separate App Review process for each section of JFBConnect's App Review area: Profile, Channels and Custom. This allows you to group related scopes together for review, making the review process more straightforward.

Review Process Steps

  • Go to the Facebook Apps Developer area 
  • Click into your Application
  • Click the "App Review" item in the left sidebar menu
  • Click the "Start a Submission" button in the middle of the window
  • Select the items you want to apply for permission to use
  • Add details to explain how the scope is used on your site
  • Add pictures or a screencast to provide more details
  • Submit!

Those Pesky Details

We work hard to make sure JFBConnect only uses permissions as Facebook requires. However, you'll need to explain and demonstrate how you use those permissions on your site. When you add a scope to your submission, a list of suitable use cases is provided. Make sure you are using the permission according to those requirements before submitting. 

For example, when requesting the "user_link" permission, an acceptable use case is
"To provide a way for someone who uses your app to visit the Facebook profile of another person who uses your app, for example, for dating or local listings."

Assuming you're using JFBConnect to import the user's Facebook profile link into JomSocial, Community Builder, EasySocial or another profile extension, a suitable description would be:
"The user_link scope is requested to provide a link in the user's on-site profile so other users can view their Facebook profile."

Screencasts

There is a section in the App Review submission for screencasts to help explain your request. Submitting this isn't always required, but will help the reviewer understand your site and interaction points for your users much more clearly. 

What may seem obvious to you, like where to login or where to find their profile page that shows how imported data is displayed may not be immediately obvious to them. A screencast that shows you logging in using Facebook and where to go on the site to view imported data (for profile fields) or how to post to a channel (using the social toolbar's Create Post) button will greatly help streamline your approval process.

Your screencast does not need to be professionally done! You can use a cellphone aimed at your monitor while you navigate the site. The reviewer is not looking for perfection, just an understanding of how the scope is used.

Social Stream
SourceCoast Joomla Social Extensions
Friday, 25 May 2018
JFBConnect 8.0 Coming Soon! Stay tuned.
Refer and Earn

Like our extensions? You're not alone! That's why they're used on tens of thousands of websites. Now you can earn 20% of any sale you refer to SourceCoast.com.

We provide excellent documentation, well laid out sales pages and great support. All you need to do is spread the word and we'll take care of the rest.

Learn About Our Affiliate Program