This document covers many of the more common questions developers ask when submitting for review.
Yes. Apps that access content of public pages need to request Page Public Content Access feature and require review by Facebook.
Yes. In v3.0, all Messenger Platform APIs are included under Pages_messaging permission and require review.
publish_actions permission is deprecated in Graph API v3.0. Apps can still post stories via mediated experiences like the Facebook Share Dialog on the web, or the Share Sheets for iOS and Android. Apps can publish to groups through the
publish_groups permission, which requires an app go through review.
user_managed_groups permission is deprecated in Graph API v3.0. Apps can use the new Groups API, along with the
read_groups_user_data permissions in its place. The new API and permissions require apps go through review by Facebook.
In Graph API v3.0, apps that access events need to use the
user_events permission. Apps that use that permission will need to be reviewed by Facebook.
The Instagram API is not affected by Graph API v3.0. However, all apps that use the Instagram API need to be reviewed by Facebook.
Yes. Apps can access only a user's name, email address, and profile picture without App Review. All other permissions will require review by Facebook.
There are no changes to Business Manager APIs in Graph API v3.0. Apps requiring access to Business_Management permissions will require review by Facebook.
Apps that use mediated sharing products like social plugins, share dialog and share sheets, or a subset of Facebook Login do not have to be reviewed by Facebook. To learn more about what requires review, please see our App Review documentation.
We review your app to ensure a high-quality Facebook experience across apps. In general, people must be aware that they are logging in and posting to Facebook. People should be able to control the info they share with your app or back to Facebook.
Note: People who are listed in your app's Roles tab will have access to extended permissions without going through review (e.g. manage_pages). However, when the app goes public it must go through App Review to access information even for people with roles on the app.
All app capabilities should be available when your app is in Development Mode but you will only be able to access your data, your test user's data, or your pages data. If you wish to take your app public, even if you are the only user, it must go through app review .
Due to changes to the review process and the high volume of submissions expected, it may take several weeks for submitted apps to complete review.
Please provide as much info as possible to help the reviewer, including clear screenshots, detailed step-by-step instructions and a screencast recording of your app and its Facebook integration.
You'll need to explain exactly how to test each permission or feature in your app so that we can make sure it works and follows our policies. We can't approve your app if we can't fully test how it integrates with Facebook. Giving detailed instructions makes it less likely that you'll have to resubmit for review.
For each permission you request, list reproduction instructions in a step-by-step format. All instructions must be in English.
Your instructions should not:
Here's a good example of step-by-step instructions:
If you're still not sure about what to include, please see more examples in our examples section for App Review.
In certain cases, you may need the reviewer to reproduce a certain behavior or experience available only to a specific test user. If this is the case, you can add this user to your submission on the App Review page. In the Items in Review section, you'll see a Test User (optional) section that allows you to type the name of the user you wish to be used in your review.
The only test users available here are those listed as Test Users in the Roles section of your app. Please do not share Facebook login credentials for users in your review instructions.
Learn more about how to create a test user.
Before approving your request for user_likes, your reviewer will need to confirm that your app provides a unique experience to users based on the like info it receives from them. To do this, our review team will test your app with a variety of test users, each with a different set of likes and interests.
When submitting a request for user_likes, you should write detailed instructions that include:
If you're using user_likes as part of an algorithm, it's important that the reviewer can see the result of this algorithm and how it influences content shown to people.
Our review team will actually test how your app uses each permission on every platform you have listed in the settings section of your app. Your reviewer ensures that your Facebook Login integration works correctly and that each permission requested adheres to our principles and utility guidelines while providing an enhanced user experience.
You don't need to go through review for your app to publish to your Profile or Facebook Pages that you own. Anyone listed in the Roles section of your app's dashboard can grant permissions without review. If you want a small number of additional people to have this ability, we recommend you add them as developers or testers in the Roles section of your app's dashboard.
If your app is a game and has a presence on Facebook Canvas
You can invite new players to your game by using either the:
If your app does not have a presence on Facebook Canvas
This type of message is a great channel for communicating with a smaller number of people in a direct way. The Message Dialog and the Send Dialog both include a typeahead which lets the person easily select a number of friends to receive the invite.
No. Once you've been approved for a permission, you can use it across any version of your app on any platform.
If you expand and develop your app on a new platform, this will not need to be submitted for review. You only need to resubmit for review if you want to request a new permission - for example, when you add a new feature to your app. Changing and submitting your App Details or Open Graph actions will not affect the permissions you've been approved for.
Our review team uses multiple test users when reviewing submissions, and we don't always use the test user you provide. If your submission does need to be reviewed using a specific test user please let us know in your review instructions.
If you provide a test user, make sure you've correctly created the test user and attached the user with your submission.
Our review team will use the instructions you provide to test your app's Facebook integrations.
If you feel our reviewer has incorrectly rejected your app, you should resubmit for review with updated review instructions that provide more info for the reviewer.
The review process is the best way to communicate with your reviewer by updating your notes to address the feedback you've received.
Your app will be reviewed on each of the platforms you list in the Settings section of your App Dashboard. If you don't want a certain platform to be reviewed, including if you don't yet have a working version of your app on a specific platform, please remove it from your Settings page.
You can find more info in our documentation on platforms.
A screencast is a great way to guide us through your app and show us how you're using the requested permissions. Here's some best practices and third party resources for creating a screencast.
Your video should show how your app uses each permission it requests. If you're requesting publish_actions, it should also show how content from your app is created and shared to Facebook.
To approve your app submission, our review team will need to log into your app and check all Facebook integrations.
If your reviewer has been unable to load or use your app, please make sure that:
If you're rejected again for the same reason, update your Review Instructions or Add Notes section to ask your reviewer for some clarity and additional info.
Our review team may need additional login credentials for your app in order to complete your review.
If your app requires a secondary login before or after Facebook Login, please be sure to provide a username and password for this. This may include login credentials for a testing or demo server, secondary login for your app or an e-mail registration flow.
Apps hosted on staging or development servers may require an additional login to access your server. Please provide all necessary login credentials for this also.
If you're still not sure what credentials are missing, you can provide a video with your next submission that shows the Facebook Login option and all relevant Facebook integrations you're submitting for.
It's against Platform Policy 4.5 to incentivize people to use social plugins or to like a Page. This includes offering rewards or gating apps or app content based on whether or not a person has liked a Page. User_likes will not be approved for this purpose.
To ensure quality connections and help businesses reach the people who matter to them, we want people to like Pages because they want to connect and hear from the business, not because of artificial incentives. We believe this policy will benefit people and advertisers alike.
To be approved for App Center, your App will need to meet our eligibility requirements. Apps eligible for the Facebook App Center must use Facebook Login or have a Facebook Canvas app.
App eligible to be listed in App Center are:
Your text assets and promotional images must also meet our guidelines.
Your review response will include a clear explanation for why your app wasn't approved, as well as the next steps you should take. We want to get you through the process as quickly as possible, so be sure to read this feedback carefully. Once you make the necessary changes, you can submit for review again.
If your app uses a permission in a way that isn't approvable, your feedback will explain this and you shouldn't resubmit for review.
The App Review process involves loading your app on each supported platform, logging in with Facebook, and using every Facebook integration that you're requesting in review. This often results in what we call 'general issues.' These are errors or bugs relating to loading your app, logging into your app or the general functionality of your app. This means we weren't able to test the permissions you request in your submission.
Since these are issues that prevent us from reviewing your Facebook functionality, we can't comment in detail about how your app uses the Facebook functionality you've submitted for review. Because of this, we reject with 'General Issues' and provide feedback about this on each platform.
If you receive a 'General Issues' rejection, please carefully read all of the feedback. Each platform will receive individual feedback that should explain what issues were experienced in review.
During the review process, our review team follows your instructions to reproduce how permissions are used within your app. If we can't reproduce this experience - for example, because we can't follow your instructions, or we can't log into your app - then we also can't approve the submission.
To avoid this, please:
In particular, for the publish_actions permission, please confirm that your app's publishing functionality is configured correctly. We need to be able to publish your app's content back to Facebook during the review process.
If your question not answered here get help in the Facebook Developer Community group. The group is active with both our talented community members and also Facebook staff. If you have additional questions about the review process try post them in the group.