As tax time approaches here in the US, it got us thinking how bad it would be if the government mandated that everyone do their own taxes. Many people with small businesses or other complicated tax structures would be distracted from their core work in order to spend a lot of time bookkeeping. This made us realize – as Facebook applications focus on core functions like user experience, monetization, and growth, they might need to offload some of their work to other applications. With this in mind, we created the permissions API. This API will help applications focus on their core functionality by taking on some work that, while important, is not central to the application’s mission.
With the permissions API, an application can authorize another application to call certain API methods on its behalf. The application naturally can revoke this access whenever necessary. At this time, the permissions API allows applications to grant others access to three methods under the admin namespace – admin.getAppProperties, admin.getAllocation, admin.getDailyMetrics More methods and namespaces will be added to the list going forward as needed.
You can specify which of these API methods and/or namespaces are accessible within the application. For example, application A can choose to have application B gather certain stats for it by giving it permission to call admin.getDailyMetrics on its behalf, or it can just grant B permission to call all admin namespace methods by granting permission for “admin.” (This implies permission to call the 3 allowed methods). Note that:
Be aware that the permissions API provides a unique ability to ease some work for applications and is very powerful. So permissions should be granted to other applications with utmost care.
The API is currently in Beta. Try it out and let us know what you think.