If I ever took another position working with Meta, it would have to be "retire in 3 years" kind of money. With the resubmissions and petitions it's nearly full-time position. Since I left, I hear with Instagram support and more granular permissions on Messenger, they're submitting 60+ App Review submissions every quarter. Or maybe 3 proxy Apps - dev, US, and Germany, as simple middleware shims. I advised simplifying things by having a single proxy service distributing messages to different cloud regions based on the customer. Workarounds "faking" the experience are always possible. It's a joke that Meta tries to enforce policy at the application level vs. ![]() Then used a proxy to slingshot webhooks through that App to our platform, bypassing the under-review Apps altogether. So, we built a completely separate App to pull posts in batch and got it approved. Just routing public posts in real-time via webhooks. "How do we proceed?" "Well, you need to use the fetch API to get posts in batch for Approval, then you can use webhooks." Thing is, our platform wasn't interested in pulling posts in batch. We were adding support to reply to wall posts, but couldn't test or demonstrate the feature because public post webhooks weren't available. Only webhooks for Messenger (DMs) are active. They're nearly powerless to do anything, since the Safety and Review team is firewalled off from the rest of Meta to prevent outside influence.įunny nuance: when in development mode, Apps can't receive webhook events for wall posts. On occasion an App would keep going to the same stubborn reviewer and we'd contact our Partner Manager. We'd make token changes to the rejected reviews, resubmit, then keep resubmitting until they were all approved. Usually it was something about Facebook Login - which we didn't use as an S2S integration. Usually about 4 would get approved, and the other 8 would be rejected. For each permission we needed, we'd record screencasts of all 12 apps and explain how to verify the system works, then submit for App Review. They chose to have 12 apps due to data sovereignty reasons, separating implementations in different regions. It was working about 2 hours later, and we weren't audited again in the rest of the time I was at the company.Īt my last company, we had 12 identical Facebook apps working as service-to-service messaging integrations. I asked for a call and explained that the current user experience for users was that they would click "Sign in with Facebook" and see an error saying "Facebook is currently not working, please sign in another way", and that the only way we had to resolve this was to email all our Facebook auth'd users a password reset with an explanation that Facebook sign in no longer worked, and to then remove the feature from our site. We opened a support case, we emailed our ads account manager, we emailed our previous ads account manager as the first was on holiday, and all we got was "we're looking into it, but it looks legit, fix it". We never heard back.ġ week later "Sign in with Facebook" stopped working with no other warning. We replied asking what the hell was happening (politely). ![]() We never heard back.Ģ weeks later, they audited us again, failed us again, and gave us a deadline to fix it. We replied pointing to the previous case and explaining again why it was working. We explained this and they dropped the audit.Ģ weeks later, they audited us again, failed us again, and gave us a deadline to fix it. We scrambled to figure out what the issue was, only to find after they eventually replied to our emails (all they told us up-front was "it doesn't work") that they had tried to use a sign-in only button to sign- up, similar on many websites, not at all for our flow and not something it was possible for us to do. ![]() ![]() The tested it incorrectly, told us we were at fault and needed to fix it, and gave us 2 weeks to do so. At my previous company we had "Sign in with Facebook" – whatever your opinions on it are, it was probably the right thing for the company at that time.įacebook decided to "audit" us to make sure we were doing sign in right.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |