i have implemented server-side login flow facebook page management application allow users grant necessary permissions application. far, works nicely , allows application obtain "page access token" after being granted manage_pages permission.
however, during login flow, facebook ui on facebook.com requests both manage_pages permission (which asked for) , permission see list of friends of user (which did not ask for).
to specific, redirect user https://www.facebook.com/dialog/oauth?client_id=...&redirect_uri=...&state=...&response_type=code&scope=manage_pages.
is there way convince facebook ui not request permission user see list of friends ?
for reference, since spent amount of time researching answer question, believe impossible explicitely not request permission user see list of friends. facebook documentation hints @ stating these "default" permissions every application gets.
Comments
Post a Comment