Instagram Platform

instagram_basic

Requires App Review.

Grants your app permission to read Instagram Accounts users of your app manage.

Allowed Usage

Get basic metadata of an Instagram Business Account.

instagram_content_publish

Requires App Review.

Grants the ability to create organic feed photo and video posts on behalf of a business user. This permission is used with the Content Publishing API and is in closed beta with Facebook Marketing Partners and Instagram Partners only. We are not accepting new applicants at this time.

Allowed Usage

Managing organic content creation process for Instagram (i.e. post photos, videos to main feed) on behalf of a business

Disallowed Usage

Using the API for promotional purposes

Any actions that do not comply with Instagram's community standards

Using the API to publish static, animated, or looping images

instagram_manage_comments

Requires App Review.

Grants your app permission to read Instagram Accounts users of your app manage.

Common Usage

Read, update, and delete comments of Instagram Business Accounts.

Read media objects, such as stories, of Instagram Business Accounts.

instagram_manage_insights

Requires App Review.

Grants your app permission to read insights of Instagram Accounts users of your app manage.

Allowed Usage

Get metadata of an Instagram Business Account.

Get data insights of an Instagram Business Account.

Get story insights of an Instagram Business Account.

Live Video API

publish_video

Requires App Review.

Grants an app permission to publish live videos to the app User's timeline.

Allowed Usage

Live video streaming to a User's timeline.

Disallowed Usage

Streaming of advertisements, or any content which does not meet Facebook's content policies.

Messenger Platform

pages_messaging (Send/Receive API)

Requires App Review.

Grants an app permission to manage and access Page conversations in Messenger.

Allowed Usage

Creating user-initiated interactive experiences

Confirming bookings, purchases, orders, etc.

Sending customer support messages

Disallowed Usage

Up-selling or cross-selling products or services

Sending brand advertising, newsletters, announcements or spam

Messaging people without their consent

pages_messaging_subscriptions

This permission was deprecated since version v3.3 and will apply to all versions on July 29, 2019.

Requires App Review.

Grants your app permission to send messages using Facebook Pages at any time after the first user interaction. Your app may only send advertising or promotional content through sponsored messages or within 24 hours of user interaction.

Allowed Usage

Send subscription messages to a person on Messenger.

Pages and Business Assets

ads_management

Requires App Review.

Grants your app the ability to both read and manage the ads for ad accounts you own or have been granted access to by the owner or owners of the ad accounts through this permission. By default, your app may only access ad accounts that are owned by admins of the app when in developer mode.

Allowed Usage

Programmatically create campaigns, manage ads, and fetch metrics.

Build ad management tools that provide innovative solutions and differentiated value for advertisers.

Disallowed Usage

Businesses must not try to reverse engineer how Facebook's delivery engine works.

Businesses must not try to duplicate too many of the same ads to increase chance that ads are delivered.

ads_read

Requires App Review.

Grants your app access to the Ads Insights API to pull ads report information for ad accounts you own or have been granted access to by the owner or owners of other ad accounts through this permission.

Grants your app access to the Server-Side API to allow advertisers to send web events from their servers directly to Facebook.

Allowed Usage

Provide API access to your ad performance data for use in custom dashboards and data analytics.

Send web events from server directly to Facebook.

Disallowed Usage

Businesses must not try to identify an individual and target them with specific ads.

Businesses must not share audiences across products owned by different businesses.

Businesses must not share insights across products owned by different businesses.

attribution_read

Requires App Review.

Grants your app access to the Attribution API to pull attribution report data for lines of business you own or have been granted access to by the owner or owners of other lines of business.

Allowed Usage

Provides the ability for your app to access ad performance data from Attribution for use in custom dashboards and data analytics.

business_management

Requires App Review.

Grants your app permission to read and write with the Business Manager API.

Allowed Usage

Manage business assets such as an ad account. Claiming ad accounts.

Disallowed Usage

Performing general page management and administration only.

catalog_management

Requires App Review.

Grants your app the ability to create, read, update, and delete business owned product catalogs that the user is an admin of. This permission grants access to related endpoints. By default, your app may only access product catalogs that are owned by admins of the app when in developer mode.

Allowed Usage

Build commerce-related solutions which include but are not limited to e-commerce platforms, travel platforms, and dynamic ads.

Build inventory type management solutions which includes but is not limited to product inventory, hotel inventory or car inventory.

leads_retrieval

Requires App Review.

Grants your app permission to retrieve all information captured by a lead. Also requires the manage_pages permission.

Allowed Usage

Leads are generally submitted by users in response to specific kinds of CTA (Sign ups, Get Quotes, etc.) shown on the ad. The information within the lead is used to reach out to the users to follow up on those CTA. For example, a dealer reaches out to a potential customer (lead) with quotes for a car.

By advertiser authorized CRM platforms to pull the lead data on behalf of the advertisers. The advertisers then use the lead information to reach out to the user.

manage_pages

Requires App Review.

Grants an app permission to retrieve Page Access Tokens for the Pages and Apps that the app user administers. Apps that allow users to publish as a Page must also have the publish_pages permission.

Allowed Usage

Publish content to Pages owned by the people who use your app. Publishing also requires the publish_pages permission.

Help people manage the posts, comments and likes published to their Pages.

pages_manage_cta

Requires App Review.

Allows app to perform POST and DELETE operations on endpoints used for managing a Page's Call To Action buttons.

Allowed Usage

Provides API access to manage call to actions on Pages that you manage

pages_manage_instant_articles

Requires App Review.

Grants an app permission to manage Instant Articles on behalf of Facebook Pages administered by people using your app.

Allowed Usage

Create and update Instant Articles for Pages owned by the people who use your app.

pages_show_list

Does not require App Review.

Grants your app access to show the list of the Pages that a person manages.

Allowed Usage

Provides API access to accounts for showing the list of the Pages that a person manages.

publish_pages

Requires App Review.

Grants your app permission to publish posts, comments, and like Pages managed by the app user. Also requires the manage_pages permission.

Allowed Usage

Allow app users to explicitly publish content from your app to any of the Facebook Pages they manage from within a custom composer.

Seamlessly like and comment from your app on behalf of the Pages app users manage.

Disallowed Usage

Automatically publish stories without app users being aware or having control.

Pre-filling the messages of Posts with content the app user or business didn't create.

read_insights

Requires App Review.

Grants an app permissions to read-only access of the Insights data for Pages, Apps, and web domains the person owns.

Allowed Usage

Integrate Facebook's app, page or domain insights into your own analytics tools.

Disallowed Usage

Transfer or sell insights data to third parties.

Provide any non-visible use of insights.

read_page_mailboxes

This permission was deprecated since version v3.3 and will apply to all versions on December 31, 2019.

Requires App Review.

Grants an app permission to manage and access your Pages' messaging conversations. This permission is often used alongside the manage_pages permission.

Allowed Usage

Allow someone to manage the mailboxes of their Pages through your app.

Disallowed Usage

This permission does not let your app read the page owner's mailbox. It only applies to the page's mailbox.

User Data

Default Public Profile Fields

Does not require App Review.

Grants your app access to the default fields of the User object that are a subset of a person's public profile:

  • id
  • first_name
  • last_name
  • middle_name
  • name
  • name_format
  • picture
  • short_name

email

Does not require App Review.

Grants your app permission to access a person's primary email address.

Allowed Usage

Allow a person to use their Facebook email address to login to your app.

Disallowed Usage

Spamming users. Your use of email must comply with both Facebook policies and the CAN-SPAM Act.

groups_access_member_info

Requires App Review.

Grants an app permission to publicly available group member information.

Allowed Usage

Allow apps to get content posted in their group with user details

Help admins get aggregated insights about activity happening in their group

Disallowed Usage

Behavioral retargeting

Building or augmenting user profiles

Mapping user engagement across Groups

Sharing data between multiple businesses that you manage

Transfering or selling data obtained through third parties

publish_to_groups

Requires App Review.

Grants an app permission to post content into a group on behalf of a User who has granted the app this permission.

Allowed Usage

Allow people to publish content from your app to their Facebook group.

Help people manage the content published to their group.

Disallowed Usage

Automatically publish content without the person being aware or having control over said content.

user_age_range

Requires App Review.

Grants an app permission to access a person's age range.

Allowed Usage

Your app includes content that is legally required to be age-gated, for example, gambling, gaming, or alcohol.

Your app includes content that is not suitable for the general Facebook audience, such as dating, mature, graphic, or violent content.

Your application includes content that is directed at kids or teens.

Disallowed Usage

No visible impact to the User experience based on a person's age range.

user_birthday

Requires App Review.

Grants an app permission to access a person's birthday.

Allowed Usage

Provide age relevant content to people based on their date of birth.

Provide age relevant content for anything where the age range is not sufficient.

Disallowed Usage

Determine whether a person says they are under 18, over 18, or over 21. Please use the age_range instead.

user_events

Requires App Review.

Grants an app permissions to read-only access to the Events a person is a host of or has RSVPed to. This permission is restricted to a limited set of partners and usage requires prior approval by Facebook.

Allowed Usage

Reduce friction in the visibility of calendar and event information, e.g., device apps, planner apps, concert apps, etc.

Disallowed Usage

Create events.

RSVP to events using your app.

user_friends

Requires App Review.

Grants an app permission to access a list of friends that also use said app. This permission is restricted to a limited set of partners and usage requires prior approval by Facebook.

In order for a person to show up in another's friend list, both people must have shared their list of friends with the app and not disabled this permission during login.

Allowed Usage

Use the list of friends to create a social experience in an app.

user_gender

Requires App Review.

Grants an app permission to access a person's gender.

Allowed Usage

Correctly render pronouns in certain languages, for example, when a bot messages a person.

Display a person's gender to other people, for example, for dating.

Personalized a User's experience based on gender, for example, in shopping or fashion.

Disallowed Usage

No visible impact to the user experience based on gender.

Fill out a registration form or User profile without using the information to enhance the User experience.

user_hometown

Requires App Review.

Grants an app permission to access a person's hometown location set in their User Profile.

Common Usage

Help people connect to others from their hometown.

Personalize a person's experience based on where they lived or grew up.

user_likes

Requires App Review.

Grants an app permission to access the list of all Facebook Pages that a person has liked.

Allowed Usage

Create a personalized experience by correlating and surfacing content related to a person's interests.

Enable connections with other users based on mutual interests. The user must be informed why the other users are suggested.

Disallowed Usage

Gate access to your app, or some content within your app, based on whether or not someone has liked a page.

Requires App Review.

Grants your app permission to access the Facebook Profile URL of User of your app.

Allowed Usage

Provide a way for someone who uses your app to visit the Facebook Profile of someone in their friends list who also uses your app, for example, for local listings.

Disallowed Usage

Attempt to programmatically determine someone's Facebook username or canonical User ID.

user_location

Provides access to a person's current city through the location field on the User object. The current city is set by a person on their Profile.

The current city is not necessarily the same as a person's hometown.

Review

If your app requests this permission Facebook will have to review how your app uses it.

Common Usage

Personalize a person's experience based on their current city.

Surface content relevant to their city.

Help people connect to others from their city.

user_photos

Requires App Review.

Grants an app permission to access the photos a person has uploaded.

Allowed Usage

Display a person's pictures in a digital photo frame.

Edit photos or create new content based on existing photos (e.g. slideshows and face-in-hole apps).

Help people export their photos for printing. Only offer this service for a person's personal and non-commercial use.

user_posts

Requires App Review.

Grants an app permission to access the posts a person makes on their timeline.

Allowed Usage

Provide creative content derived from a user's existing content in timeline posts.

Provide value to the user by visibly analyzing the content of the posts on their Timeline.

Disallowed Usage

Non-visible use of this data such as sentiment analysis.

user_videos

Provides access to the videos a person has uploaded or been tagged in. This permission is restricted to a limited set of partners and usage requires prior approval by Facebook.

Review

Requesting this permission requires you to submit your app for Login Review.

Common Usage

Access videos for use videos in a way that visibly enhances the in-app experience: (e.g. editing, collage, portfolio, slideshow apps.)

Display a person's videos on a TV via a set top box, or display their videos on a digital photo frame.

WhatsApp Platform

whatsapp_business_management

Requires App Review.

Provides the ability to read and/or manage WhatsApp business assets you own or have been granted access to by other businesses through this permission. These business assets include WhatsApp business accounts, phone numbers, and message templates.

Allowed Usage

Display WhatsApp Business Account analytics in your customer portal.

Manage message templates for WhatsApp Business Accounts.

Disallowed Usage

Share data between businesses that you manage.

Sell data.

Transfer customer insights or data to third-parties other than the business owner.