Sample App Review Submission for Server-to-Server Apps

Let's say you've developed an app that needs the ads_management and manage_pages permissions to update items in your app users' Facebook ad product catalogs. You've completed development, have read each permission's description as well as our Platform Policy, and have verified that your app uses data in an approved manner. Your app is now ready for public release, so you begin the app review process.

Adding Permissions

You sign into your app's dashboard, click App Review then click Permissions and Features.

Your app needs the ads_management and manage_pages permissions, so you search for and request both of them.

Describing Data Usage

Now you describe how your app will use the data that each permission will allow your app to access. You start with ads_management. You click Current Submission, then click the blue arrow icon in the Tell us how you'll use ads_management row.

After agreeing to our permission and feature usage guidelines, you provide a general description of what your app does, then explain how the ads_management permission will provide value to your app users. You enter the following description in the Tell us how you're using this permission or feature section:

"Our app allows our ads management team to update product items within our Facebook product catalog to be shown in ads we run on Facebook. The ads_management permission allows me and my team to access our product catalog so we can update product details, such as price, picture, etc."

In the Demonstrate how your selected platforms will use this permission or feature section, you switch the Server-to-Server toggle to On.

In the Server-to-Server field that appears, enter the steps your app uses to accomplish tasks that use ads_management. You enter the following:

"Our app programmatically updates our product catalog.

  • A script runs every Thursday at 3am that checks our product database for changes.
  • If changes are found, a call is made to the Graph API using ads_management permissions to update our product catalog."

Finally, in the Show us how you're using this permission or feature section, you upload a screencast of your app and how it is using the permission.

You upload the following screencast:

Something Went Wrong
We're having trouble playing this video.

You Save your changes and repeat these steps for the manage_pages permission, re-using the same screencast since it shows both permissions in use.

Providing Verification Details

Next, your provide credentials that an app reviewer can use to sign into your app and verify that it uses data in an approved manner.

Since your app is server-to-server you have not implemented Facebook Login, so you confirm this.

You have set up a test account that an app reviewer can use to sign into your website and access the UI that populates data pulled from our APIs.

You then confirm that you've completed this steps and save your changes.


You've supplied everything we need to verify that your app uses the ads_management permissions, so you click Submit For Review.