Manage Permissions

Connect Catalog, Business Manager, and Pages

Business Manager and Access to Pages

Before you send vehicle listings to Facebook:

  • Make sure your Catalog is owned by your Business Manager
  • Obtain the required permission access to the Facebook pages you are listing from (fb_page_id as described in Uploading listings page)

Partner Model Integration

To list on Marketplace using your Brand page, you need to make sure the page you are using to list (fb_page_id) is the Primary page associated to your Business Manager. In Business Manager, check your Business info section.

Dealer Model Integration

To list on Marketplace on behalf of your dealers and integrate the Messenger Chat and/or the Lead forms, you need Standard Access permission with Publish content role to their pages. In this case, leads can be only manually downloaded from the page.

To list on Marketplace on behalf of your dealers and integrate and retrieve Messenger Chat and/or the Lead forms via API, you need Admin Access permission with Manage Page role to their pages.

If you plan to use our APIs, we recommend that you create a Business Manager admin system user under your Business Manager and make sure you assign your business assets to it.

Standard Access to Dealer Pages via Business Manager

To request and obtain Standard Access to pages from your Business Manager:

  1. Go to Accounts > Pages.
  2. Click the button and in the dropdown, select Request Access to Page.



  3. Enter the name or URL of the Facebook page.



  4. Select Publish content role > click Request Access.


  5. Once a dealership has approved the request, assign a person from your team a Page Editor role and click Save Changes.

Admin Access to Dealer Pages via Business Manager

To request and obtain Admin Access from your Business Manager, follow the same steps in Standard Access to Dealer pages:

  1. Go to Accounts > Pages, click the button and in the dropdown, select Request Access to Page, enter the name or URL of the Facebook page, select Manage Page role, and click Request Access.

  2. Once the page admin has approved the request, assign a person from your team with Page Editor role.

Make sure you are assigned to dealer pages each time you integrate new dealers.

By default, only Page admins with Manage page role can access the leads. To give access to dealers, you can enable the customized access to leads. In this case, ensure that the dealer grants your Business Manager access to the leads.

Request Access via Graph API

We recommend spreading the Graph API requests over time and limit permissions requests to 100 / hour to avoid throttling.

To request permissions to multiple Facebook pages in bulk, use the Business Manager API to make multiple requests.

Before You Begin

For the following examples:

  • ACCESS_TOKEN is the System User access token. You obtain it when you create the System User.
  • BUSINESS_SCOPED_USER_ID is the System User business scoped ID. You can obtain it with the following request:
    Graph API Explorer
    curl -X GET -G \
      -d 'access_token=<ACCESS_TOKEN>' \
      https://graph.facebook.com/{BUSINESS_ID}/system_users
    GET /{BUSINESS_ID}/system_users HTTP/1.1
    Host: graph.facebook.com
    /* PHP SDK v5.0.0 */
    /* make the API call */
    try {
      // Returns a `Facebook\FacebookResponse` object
      $response = $fb->get(
        '/{BUSINESS_ID}/system_users',
        '{access-token}'
      );
    } catch(Facebook\Exceptions\FacebookResponseException $e) {
      echo 'Graph returned an error: ' . $e->getMessage();
      exit;
    } catch(Facebook\Exceptions\FacebookSDKException $e) {
      echo 'Facebook SDK returned an error: ' . $e->getMessage();
      exit;
    }
    $graphNode = $response->getGraphNode();
    /* handle the result */
    /* make the API call */
    FB.api(
        "/{BUSINESS_ID}/system_users",
        function (response) {
          if (response && !response.error) {
            /* handle the result */
          }
        }
    );

Request Access to Third-Party Pages

  1. Set up a Facebook app and claim it under your business: Business Manager > Accounts > Apps
  2. Set up a Business System Admin User: Business Manager > Users > System Users.
  3. Generate a new token and save it immediately as it will not display again.
  4. Use the generated token to make API calls to request Page Editor (“CONTENT_CREATOR”) permissions from dealers; for example:

  5. Graph API Explorer
    curl -X POST \
      -F 'page_id={PAGE_ID}' \
      -F 'permitted_tasks=[
           "CREATE_CONTENT",
           "MODERATE",
           "ADVERTISE",
           "ANALYZE"
         ]' \
      -F 'access_token=<ACCESS_TOKEN>' \
      https://graph.facebook.com/{BUSINESS_ID}/client_pages
    /* PHP SDK v5.0.0 */
    /* make the API call */
    try {
      // Returns a `Facebook\FacebookResponse` object
      $response = $fb->post(
        '/{BUSINESS_ID}/client_pages',
        array (
          'page_id' => '{PAGE_ID}',
          'permitted_tasks' => 
          array (
          0 => 'CREATE_CONTENT',
          1 => 'MODERATE',
          2 => 'ADVERTISE',
          3 => 'ANALYZE',
          ),
        ),
        '{access-token}'
      );
    } catch(Facebook\Exceptions\FacebookResponseException $e) {
      echo 'Graph returned an error: ' . $e->getMessage();
      exit;
    } catch(Facebook\Exceptions\FacebookSDKException $e) {
      echo 'Facebook SDK returned an error: ' . $e->getMessage();
      exit;
    }
    $graphNode = $response->getGraphNode();
    /* handle the result */
    /* make the API call */
    FB.api(
        "/{BUSINESS_ID}/client_pages",
        "POST",
        {
            "page_id": "{PAGE_ID}",
            "permitted_tasks": [
                "CREATE_CONTENT",
                "MODERATE",
                "ADVERTISE",
                "ANALYZE"
            ]
        },
        function (response) {
          if (response && !response.error) {
            /* handle the result */
          }
        }
    );
  6. Wait for the other dealer's page to approve the request. This can be done under their Business Manager > Requests, or directly from their page settings.
  7. After the dealer's page approves the request, you can make the call in the next step; otherwise, you'll get an error.
  8. Grant a person from your team a CONTENT_CREATOR role for the specified page.
  9. Get the Business Scoped User ID from Business Manager > People:

  10. Graph API Explorer
    curl -X POST \
      -F 'user={BUSINESS_SCOPED_USER_ID}' \
      -F 'permitted_tasks=[
           "CREATE_CONTENT",
           "MODERATE",
           "ADVERTISE",
           "ANALYZE"
         ]' \
      -F 'access_token=<ACCESS_TOKEN>' \
      https://graph.facebook.com/{PAGE_ID}/assigned_users
    /* PHP SDK v5.0.0 */
    /* make the API call */
    try {
      // Returns a `Facebook\FacebookResponse` object
      $response = $fb->post(
        '/{PAGE_ID}/assigned_users',
        array (
          'user' => '{BUSINESS_SCOPED_USER_ID}',
          'permitted_tasks' => 
          array (
          0 => 'CREATE_CONTENT',
          1 => 'MODERATE',
          2 => 'ADVERTISE',
          3 => 'ANALYZE',
          ),
        ),
        '{access-token}'
      );
    } catch(Facebook\Exceptions\FacebookResponseException $e) {
      echo 'Graph returned an error: ' . $e->getMessage();
      exit;
    } catch(Facebook\Exceptions\FacebookSDKException $e) {
      echo 'Facebook SDK returned an error: ' . $e->getMessage();
      exit;
    }
    $graphNode = $response->getGraphNode();
    /* handle the result */
    /* make the API call */
    FB.api(
        "/{PAGE_ID}/assigned_users",
        "POST",
        {
            "user": "{BUSINESS_SCOPED_USER_ID}",
            "permitted_tasks": [
                "CREATE_CONTENT",
                "MODERATE",
                "ADVERTISE",
                "ANALYZE"
            ]
        },
        function (response) {
          if (response && !response.error) {
            /* handle the result */
          }
        }
    );

    If the page didn’t accept your request made in the step 4, you will see the error:

    “You do not have permission to perform this action. This action requires that you can MANAGE_PERMISSIONS on a managing business account. Or it requires that you can ADMINISTER on this object Note: to use do this action on behalf of a business account the "business" field must be set.”
  11. To request the Admin Access role, instead of CONTENT_CREATOR role, perform the request via the API by adding the MANAGE task in permitted_tasks as following:
  12. Graph API Explorer
    curl -X POST \
      -F 'page_id={PAGE_ID}' \
      -F 'permitted_tasks=[
           "CREATE_CONTENT",
           "MODERATE",
           "ADVERTISE",
           "ANALYZE",
           "MANAGE"
         ]' \
      -F 'access_token=<ACCESS_TOKEN>' \
      https://graph.facebook.com/{BUSINESS_ID}/client_pages
    /* PHP SDK v5.0.0 */
    /* make the API call */
    try {
      // Returns a `Facebook\FacebookResponse` object
      $response = $fb->post(
        '/{BUSINESS_ID}/client_pages',
        array (
          'page_id' => '{PAGE_ID}',
          'permitted_tasks' => 
          array (
          0 => 'CREATE_CONTENT',
          1 => 'MODERATE',
          2 => 'ADVERTISE',
          3 => 'ANALYZE',
          4 => 'MANAGE',
          ),
        ),
        '{access-token}'
      );
    } catch(Facebook\Exceptions\FacebookResponseException $e) {
      echo 'Graph returned an error: ' . $e->getMessage();
      exit;
    } catch(Facebook\Exceptions\FacebookSDKException $e) {
      echo 'Facebook SDK returned an error: ' . $e->getMessage();
      exit;
    }
    $graphNode = $response->getGraphNode();
    /* handle the result */
    /* make the API call */
    FB.api(
        "/{BUSINESS_ID}/client_pages",
        "POST",
        {
            "page_id": "{PAGE_ID}",
            "permitted_tasks": [
                "CREATE_CONTENT",
                "MODERATE",
                "ADVERTISE",
                "ANALYZE",
                "MANAGE"
            ]
        },
        function (response) {
          if (response && !response.error) {
            /* handle the result */
          }
        }
    );

Dealer-Side Request

Once a request has been made to a dealer, they can respond from their Page settings:

  • If the page is owned by individuals, admins of the page should (not granted) receive a notification that a business has requested access to their page. Admins of the page can go to Page > Settings > Page Roles and accept Pending partner requests:
https://www.facebook.com/pageID/settings/?tab=admin_roles
  • If the page is owned by a business, only Admins of the Business Manager can accept the request (Business Manager > Requests:
https://business.facebook.com/settings/requests?business_id=<number>