Marketplace Platform

Managing Permissions

Connect Catalog, Business Manager and Pages

Business Manager (BM) and access to Pages

Before you send vehicle listings to Facebook, you need to make sure your Catalog is owned by your Business Manager and you have obtained the required permission access to the Facebook pages you are listing from (fb_page_id as described in Uploading listings page) .

Partner Model integration

To list on Marketplace using your Brand page you need to make sure the page you are using to list (fb_page_id) is the Primary page associated to your Business Manager. Check your Business info section into the Business Manager.

Dealer Model integration

To list on Marketplace on behalf of your dealers and integrate the Messenger Chat and/or the Lead forms, you would need Standard Access permission with Publish content role to their pages. In this case, leads can be only manually downloaded from the page.

To list on Marketplace on behalf of your dealers and integrate and retrieve Messenger Chat and/or the Lead forms via API, you would need Admin Access permission with Manage Page role to their pages.

Note: if you planning to use our APIs, we recommend to create a Business Manager Admin System User under your Business manager and make sure you assign your Business Assets to it.

Standard Access to Dealer pages via BM

To request and obtain Standard Access to pages from your Business Manager, go to Accounts > Pages. Click the button and select Request Access to Page in the dropdown.

Enter the name or URL of the Facebook page:

Select Publish content role:


Finally, once a Dealership has approved the request, assign a person from your team a Page Editor role:

Admin access to Dealer pages via BM

To request and obtain Admin Access from your Business Manager, follow the same steps as per Standard Access to Dealer pages go to Accounts > Pages, click the button and select Request Access to Page in the dropdown, enter the name or URL of the Facebook page, but make sure to select Manage Page role:


Finally, once a the page admin has approved the request, assign a person from your team with Page Editor role.

Make sure you got assigned to dealer pages every time you integrate new dealers!

By default, only Page admins with Manage page role can access the leads. If you want to give access to dealers you can enable the customized access to leads. In this case, please make sure the dealer grant your BM access to the leads.

Requesting access via Graph API

We recommend spreading the graph API requests over time, and limit permissions requests to 100 / hour to avoid throttling.

In order to request permissions to multiple Facebook pages in bulk, use the Business Manager API to make multiple requests.

For the following examples:

  • ACCESS_TOKEN is the System User access token. You obtain it when you create the System User.
  • BUSINESS_SCOPED_USER_ID is the System User business scoped ID. You can obtain it with the following request:
    Graph API Explorer
    curl -X GET -G \
  -d 'access_token=<ACCESS_TOKEN>' \
  https://graph.facebook.com/{BUSINESS_ID}/system_users
    GET /{BUSINESS_ID}/system_users HTTP/1.1
Host: graph.facebook.com
    /* PHP SDK v5.0.0 */
/* make the API call */
try {
  // Returns a `Facebook\FacebookResponse` object
  $response = $fb->get(
    '/{BUSINESS_ID}/system_users',
    '{access-token}'
  );
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}
$graphNode = $response->getGraphNode();
/* handle the result */
    /* make the API call */
FB.api(
    "/{BUSINESS_ID}/system_users",
    function (response) {
      if (response && !response.error) {
        /* handle the result */
      }
    }
);

You can now proceed to request the access to the third party pages.

  1. Set up a Facebook app (https://developers.facebook.com/docs/apps/register) and claim it under your business: Business Manager > Accounts > Apps
  2. Set up a Business System Admin User: Business Manager > Users > System Users
  3. Generate a new token and save it. It will not be displayed again, so be sure to save it right away.
  4. Use the generated token to make API calls to request Page Editor (“CONTENT_CREATOR”) permissions from dealers. Ex:
    Graph API Explorer
    curl -X POST \
  -F 'page_id={PAGE_ID}' \
  -F 'permitted_tasks=[
       "CREATE_CONTENT",
       "MODERATE",
       "ADVERTISE",
       "ANALYZE"
     ]' \
  -F 'access_token=<ACCESS_TOKEN>' \
  https://graph.facebook.com/{BUSINESS_ID}/client_pages
    /* PHP SDK v5.0.0 */
/* make the API call */
try {
  // Returns a `Facebook\FacebookResponse` object
  $response = $fb->post(
    '/{BUSINESS_ID}/client_pages',
    array (
      'page_id' => '{PAGE_ID}',
      'permitted_tasks' => 
      array (
      0 => 'CREATE_CONTENT',
      1 => 'MODERATE',
      2 => 'ADVERTISE',
      3 => 'ANALYZE',
      ),
    ),
    '{access-token}'
  );
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}
$graphNode = $response->getGraphNode();
/* handle the result */
    /* make the API call */
FB.api(
    "/{BUSINESS_ID}/client_pages",
    "POST",
    {
        "page_id": "{PAGE_ID}",
        "permitted_tasks": [
            "CREATE_CONTENT",
            "MODERATE",
            "ADVERTISE",
            "ANALYZE"
        ]
    },
    function (response) {
      if (response && !response.error) {
        /* handle the result */
      }
    }
);
    At this point, you will have to wait that other page approves the request (they can do it under their business manager, under “Requests”, or directly from their page settings.)
    After the dealer's page approves the request, you will be able to make the call in the next step, otherwise you'll get an error.
  5. Grant a person from your team a CONTENT_CREATOR role for that particular page. You can get the Business Scoped User ID from the “People” section of your Business Manager:
    Graph API Explorer
    curl -X POST \
  -F 'user={BUSINESS_SCOPED_USER_ID}' \
  -F 'permitted_tasks=[
       "CREATE_CONTENT",
       "MODERATE",
       "ADVERTISE",
       "ANALYZE"
     ]' \
  -F 'access_token=<ACCESS_TOKEN>' \
  https://graph.facebook.com/{PAGE_ID}/assigned_users
    /* PHP SDK v5.0.0 */
/* make the API call */
try {
  // Returns a `Facebook\FacebookResponse` object
  $response = $fb->post(
    '/{PAGE_ID}/assigned_users',
    array (
      'user' => '{BUSINESS_SCOPED_USER_ID}',
      'permitted_tasks' => 
      array (
      0 => 'CREATE_CONTENT',
      1 => 'MODERATE',
      2 => 'ADVERTISE',
      3 => 'ANALYZE',
      ),
    ),
    '{access-token}'
  );
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}
$graphNode = $response->getGraphNode();
/* handle the result */
    /* make the API call */
FB.api(
    "/{PAGE_ID}/assigned_users",
    "POST",
    {
        "user": "{BUSINESS_SCOPED_USER_ID}",
        "permitted_tasks": [
            "CREATE_CONTENT",
            "MODERATE",
            "ADVERTISE",
            "ANALYZE"
        ]
    },
    function (response) {
      if (response && !response.error) {
        /* handle the result */
      }
    }
);
    Note: if the page still didn’t accept your request made in the step 4, you will get the error: “You do not have permission to perform this action. This action requires that you can MANAGE_PERMISSIONS on a managing business account. Or it requires that you can ADMINISTER on this object Note: to use do this action on behalf of a business account the "business" field must be set.”

    If you want to request Admin Access instead of just Content Creator, you should perform the request via API by adding `MANAGE` task in permitted_tasks as following:
    Graph API Explorer
    curl -X POST \
  -F 'page_id={PAGE_ID}' \
  -F 'permitted_tasks=[
       "CREATE_CONTENT",
       "MODERATE",
       "ADVERTISE",
       "ANALYZE",
       "MANAGE"
     ]' \
  -F 'access_token=<ACCESS_TOKEN>' \
  https://graph.facebook.com/{BUSINESS_ID}/client_pages
    /* PHP SDK v5.0.0 */
/* make the API call */
try {
  // Returns a `Facebook\FacebookResponse` object
  $response = $fb->post(
    '/{BUSINESS_ID}/client_pages',
    array (
      'page_id' => '{PAGE_ID}',
      'permitted_tasks' => 
      array (
      0 => 'CREATE_CONTENT',
      1 => 'MODERATE',
      2 => 'ADVERTISE',
      3 => 'ANALYZE',
      4 => 'MANAGE',
      ),
    ),
    '{access-token}'
  );
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}
$graphNode = $response->getGraphNode();
/* handle the result */
    /* make the API call */
FB.api(
    "/{BUSINESS_ID}/client_pages",
    "POST",
    {
        "page_id": "{PAGE_ID}",
        "permitted_tasks": [
            "CREATE_CONTENT",
            "MODERATE",
            "ADVERTISE",
            "ANALYZE",
            "MANAGE"
        ]
    },
    function (response) {
      if (response && !response.error) {
        /* handle the result */
      }
    }
);

Dealer-side request

Once a request has been made to a Dealer, they will be able to respond from their Page Settings:

Need help?

You can contact Facebook's Support team any time you have questions.

Contact us