Invalid appsecret_proof provided in the API argument
Solution 1
finally i got the answer.... disable Required app secret proof in the advanced settings of app, and comment the following code in base_facebook.php sdk
if (isset($params['access_token'])) {
$params['appsecret_proof'] = $this->getAppSecretProof($params['access_token']);
}
Solution 2
As for documentation:
Graph API calls can be made from clients or from your server on behalf of clients. Calls from a server can be better secured by adding a parameter called appsecret_proof.
So you need to specify additional param appsecret_proof
togather with access_token
. The appsecret_proof
is digital signature of access_token
that signed with your app secret. The signature need to confirm access_token
. To get appsecret_proof
you need to calculate signature like this:
secret = 'app secret'
token = 'access token'
digest = OpenSSL::Digest.new('sha256')
proof = OpenSSL::HMAC.digest(digest, secret, token)
# result params:
"access_token=#{token}&appsecret_proof=#{proof}"
The example is on Ruby language but this is not language problem. Please refer your language manual to refer for hmac signature api.
![Admin](/assets/logo_square_200-5d0d61d6853298bd2a4fe063103715b4daf2819fc21225efa21dfb93e61952ea.png)
Admin
Updated on June 23, 2022Comments
-
Admin about 2 years
i have created an app in my facebook account and done post to my friend using my access token (php).
But another user cannot post to their friend using my app id and secret and getting the error
Invalid appsecret_proof provided in the API argument
i have disabled
Required app secret proof in my app settings
any solution please?
public function facebookUsershare() { require '../facebook/src/facebook.php'; $facebook = new Facebook(array( 'appId' => 'app id', 'secret' => 'secret_key', )); $privacy = array( 'description' => 'Vladimir Sergeevich', 'value' => 'CUSTOM', 'friends' =>'friend id' 'allow' => 'loged in user' ); try { $result = $facebook->api('/me/feed', 'POST', array( "access_token" => 'access_token', 'picture' => "path to image", 'link' => "gmail.com";, 'name' => "Go wi6 7", 'caption' => "capn", 'privacy' => json_encode($privacy) )); echo 'Successfully posted to Facebook Personal Profile'; //return $facebookfrndids; } catch(Exception $e) { echo $e->getMessage(); return false; }