Permissions are a form of granular, app user-granted Graph API authorization. Before your app can use an API endpoint to access your app user's data, your app user must grant your app all permissions required by that endpoint.
Only select permissions that your app needs to function as intended. Selecting unneeded permissions is a common reason for rejection during app review.
You may also use any permission granted to your app to request analytics insights to improve your app and for marketing or advertising purposes, through the use of aggregated and de-identified or anonymized information (provided such data cannot be re-identified).
annual Data Use Checkup.
When your app users log onto your app, they receive a request to grant the permissions your app has requested. Your app users can grant or deny the requested permissions or any subset of them.
If your app does not use a permission for 90 days, usually due to user inactivity, your app user must regrant your app that permission.
You can use the Meta App Dashboard to remove a permission your app no longer uses or to remove a permission that has been deprecated.
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
ads_management Dependencies pages_read_engagement pages_show_list | The ads_management permission allows your app to both read and manage the Ads account it owns, or has been granted access to, by the Ad account owner. The allowed usage for this permission is to programmatically create campaigns, manage ads or fetch Ad metrics to help their business. Additionally, it can also be used to build ad management tools to provide innovative solutions and differentiated values for advertisers.
Allowed Usage
| Provide specific examples of why your app requires managing ads on behalf of other businesses.
Screencast Requirements
|
ads_read Dependencies None | The ads_read permission allows your app to access the Ads Insights API to pull Ads report information for Ad accounts you own or have been granted access to by the owner or owners of other ad accounts through this permission. This permissions also grants your app access to the Server-Side API to allow advertisers to send web events from their servers directly to Facebook.
Allowed Usage
| Provide specific examples of why your app requires accessing ads and related statistics on behalf of other businesses.
Screencast Requirements
|
attribution_read Dependencies None | The attribution_read permission grants your app access to the Attribution API to pull attribution report data for lines of business you own or have been granted access to by the owner or owners of other lines of business.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
catalog_management Dependencies business_management | The catalog_management permission allows your app to create, read, update and delete business-owned product catalogs that the user is an admin of. The allowed usage for this permission is to build commerce-related solutions for ecommerce platforms, travel platforms and dynamic ads. It can also be used to build inventory type management solutions like product inventory, hotel inventory or car inventory.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
| The commerce_account manage_orders permission allows your app to read and update commerce account orders.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The commerce_account_read_orders permission allows your app to read commerce account orders.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The commerce_account_read_reports permission allows your app to read finance reporting data to build custom tax, cash reconciliation and reimbursement reports for a commerce account.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The commerce_account_read_settings permission allows your app to read commerce account settings.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The commerce_manage_accounts permission allows your app to create and manage commerce accounts, such as an ecommerce app.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
| The email permission allows your app to read a person's primary email address. Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
gaming_user_locale
Dependencies gaming_profile | The gaming_user_locale permission allows your app to get a user's preferred language while the user plays a game on Facebook (for example, Instant Games or Cloud Gaming). The allowed usage for this permission is to display a game interface in the user's preferred language.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
leads_retrieval
Dependencies
Ads Management Standard Access ads_management ads_read business_management pages_manage_ads pages_read_engagement pages_show_list | The leads_retrieval permission allows your app to retrieve and read all information captured by a lead ads form associated with an ad created in Ads Manager or the Marketing API. The allowed usage for this permission is to contact people who completed your lead ad form requesting more information. This permission can also be used by advertiser authorized CRM platforms to pull the lead data on behalf of the advertisers.
Allowed Usage
|
Use Case Description
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
pages_events Dependencies pages_show_list | The page_events permissions allows your app permission to log events on behalf of Facebook Pages administered by people using your app and to send those events to Facebook for ads targeting, optimization and reporting. The allowed usage for this permission is to send businesses related activities (for example purchase, add-to-cart, lead) on behalf of Pages owned by the people who use your app.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
pages_manage_ads Dependencies pages_show_list | The pages_manage_ads permission allows your app to manage ads associated with the Page. The allowed usage for this permission is to create and manage ads for the Page, or ads that click to a business messaging surface, such as Messenger, Instagram Direct, or WhatsApp, associated with a Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
| The pages_manage_cta permission allows your app to carry out POST and DELETE functions on endpoints used to manage call-to-action buttons on a Facebook Page.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
pages_manage_instant_articles Dependencies pages_show_list | The pages_manage_instant_articles permission allows your app to manage Instant Articles on behalf of Facebook Pages administered by people using your app. The allowed usage for this permission is to create and update Instant Articles for Pages owned by the people who use your app.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
pages_manage_engagement Dependencies pages_read_user_content pages_show_list | The pages_manage_engagement permission allows your app to create, edit and delete comments posted on the Page. The allowed usage for this permission is to help manage and moderate content on the Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_manage_metadata Dependencies pages_show_list | The pages_manage_metadata permission allows your app to subscribe and receive webhooks about activity on the Page, and to update settings on the Page. The allowed usage for this permission is to help a Page Admin administer and manage a Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_manage_posts Dependencies pages_read_engagement pages_show_list | The pages_manage_posts permission allows your app to create, edit and delete your Page posts. The allowed usage for this permission is to create and delete content on a Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_messaging Dependencies pages_manage_metadata pages_show_list | The pages_messaging permission allows your app to manage and access Page conversations in Messenger. The allowed usage for this permission is to create user-initiated interactive experiences, send customer support messages or to confirm bookings or purchases and orders.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_read_engagement Dependencies pages_show_list | The pages_read_engagement permission allows your app to read content (posts, photos, videos, events) posted by the Page, read followers data (including name, PSID), and profile picture, and read metadata and other insights about the Page. The allowed usage for this permission is to help a Page Admin administer and manage a Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_read_user_content Dependencies pages_show_list | The pages_read_user_content permission allows your app to read user generated content on the Page, such as posts, comments, and ratings by users or other Pages, and to delete user comments on Page posts. The allowed usage for this permission is to read user's and other Page’s content posted on the Page if you need it to help manage the Page.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
pages_show_list Dependencies None | The pages_show_list permission allows your app to access the list of Pages a person manages. The allowed usage for this permission is to show a person the list of Pages they manage and verify that a person manages a Page.
Allowed Usage
|
Use Case Description
Provide specific examples of why your app needs to access the list of pages that a user owns. If the
Screencast Requirements
|
| The pages_user_gender permission allows your app to access a user's gender through the Page your app is connected to.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The pages_user_locale permission allows your app to access a user's locale through the Page your app is connected to.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The pages_user_timezone permission grants your app access to a user's time zone through the Page your app is connected to.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
| The pages_utility_messaging permission allows an app to access a Page's utility messaging templates. The allowed usage for this permission is to manage a Page's utility messaging templates and send a Page's utility messages through Messenger.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
public_profile Dependencies None | The public_profile permission allows an app to read the Default Public Profile Fields on the User node. This permission is automatically granted to all apps. The allowed usage for this permission is to authenticate app users and provide them with a personalized in-app experience.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
publish_video Dependencies None | The publish_video permission allows your app to publish live videos to an app user's timeline, group, event or Page. The allowed usage for this permission is to live-video stream to an app user's timeline, event or Page.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
read_audience_network_insights Dependencies None | The read_audience_network_insights permission allows an app to access the Audience Network insights data and pull performance report information for properties you own. The allowed usage for this permission is to integrate Audience Network properties performance data into app owner’s data analytics and dashboards.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
Dependencies pages_read_engagement pages_show_list | The read_insights permission allows your app to read the Insights data for Pages, apps and web domains the person owns. Allowed Usage
|
Use Case Description
Screencast Requirements
|
Permission
|
Description and allowed usage
|
What to include in App Review submission
|
---|---|---|
whatsapp_business_manage_events Dependencies whatsapp_business_management | The whatsapp_business_manage_events permission allows an app to log events, such as purchase, add-to-cart, leads and more, on behalf of a WhatsApp Business Account administered by an app user. The allowed usage for this permission is to log events on WhatsApp Business Accounts and send this activity data to Meta for ads targeting, optimization and reporting.
Allowed Usage
|
Use Case Description
Visit the App Review documentation for guidance.
Screencast Requirements
Visit the App Review documentation for guidance. |
whatsapp_business_management Dependencies None | The whatsapp_business_management permission allows your app to read and/or manage WhatsApp business assets you own or have been granted access to by other businesses through this permission. These business assets include WhatsApp Business Accounts, business phone numbers, message templates, QR codes and their associated messages, and webhook subscriptions. The allowed usage for this permission is to manage WhatsApp business assets and display WhatsApp Business Account analytics in your customer portal.
Allowed Usage
|
Use Case Description
Screencast Requirements
|
whatsapp_business_messaging Dependencies whatsapp_business_management | The whatsapp_business_messaging permission allows an app to send WhatsApp messages to a specific phone number, upload and retrieve media from messages, manage and get WhatsApp business profile information, and to register those phone numbers with Meta. The allowed usage for this permission is to create messaging experiences initiated by a customer or a business.
Allowed Usage
|
Use Case Description
Explain the messaging functionality your app offers to business customers who you have onboarded onto the platform, and how they perform those functions.
Screencast Requirements
|