Follow these guidelines if you are a Facebook Marketing Partner or a advertiser managing ad accounts or Pages. Depending on your responsibility, you may handle assets differently. Here is a list of the most relevant suggestions based on your role.
Customer owns the assets and they login to the Marketing Partner app directly. The Marketing Partner app uses the user's token.
Customer owns the assets, they give the Marketing Partner access by adding a Marketing Partner user account or grey user directly to the assets
The Marketing Partner's own the assets, and manages them programmatically.
The Marketing Partner's own the assets and manages them using employees.
Marketing Partner manages customer ad accounts or customer’s gray ad accounts by saving / storing end customer passwords.
Customer owns their ad accounts and assets, but Marketing Partner employees need access for customer ad accounts for troubleshooting reasons.
Marketing Partner owns the ad accounts for customers, while customer owns its own Pages.
Marketing Partner has multiple ad accounts and customer Pages, and wants to map which which assets are for which customer.
Projectscreated, one Project for each customer, whose ad accounts and Pages would be included in that Project. Marketing Partner users will create ads in the context of a Project, to avoid using a wrong ad account to create ads.
Marketing Partner or customer employees do not want to use their personal Facebook login to access Business Manager.
Marketing Partner app does not have Ads Management access, but still wants to use BM system user to invoke Page APIs.