Permission Management
Several permissions exist between the user and your bot:
| Name | Description | Scope |
|---|---|---|
| Once granted, the developer may call the user profile API to obtain more information about the user. | Per user, per bot. |
| Once granted, the bot may message the user personally (in a user-to-bot thread). | Per user, per bot. |
When a user begins a 1:1 thread with the bot for the first time, both of these are implicitly granted.
However, there may be other situations where only one (or neither) is granted, such as encountering the bot via a plugin or ad, or encountering a page shared by a friend using a bot.
From inside the webview, these permissions can be requested with askPermission() and checked with getGrantedPermissions().
askPermission()
Allows to request one of the specific permissions. It displays a dialog asking the user to confirm.
MessengerExtensions.askPermission(
function(response) {
// Success
// This is called if user grants or rejects the asked permission.
// response.permissions contains the list of all currently granted permissions
var permissions = response.permissions;
var isGranted = response.isGranted;
if (isGranted) {
// User has granted user_profile permission
}
// permissions is list of all permissions granted
}, function(errorCode, errorMessage) {
// Error occurred
},
"user_profile"
);
Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
permission name | The name of the permission you're asking for. See above. | string | Yes |
success callback | This function will be called if user grants or rejects the asked permission. The response contains the list of current-granted-permissions and state of asked permission. | function | Yes |
error callback | This function will be called if Messenger was unable to ask for the requested permission. | function | Yes |
Response
| Parameter | Description | Type |
|---|---|---|
| The list of permissions granted. | List |
| Returns true is user approves the askedPermission else false. | boolean |
getGrantedPermissions()
This tells you the currently-granted permissions.
If necessary, you might use this information to first display context and set expectations for a given request. It does not produce any visible UI change.
MessengerExtensions.getGrantedPermissions(function(response) {
// response.permissions is the list of permissions granted
// e.g.: response.permissions = ['user-messaging']
}, function() {
// An error occurred
});
Parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
success callback | This will be called and passed a list of permissions the user has already granted to your bot. | Function | Yes |
error callback | This will be called if Messenger was unable to check the user's permissions. | Function | Yes |