At the end of May this year, the Facebook team announced major changes to the package's developer tools, known as the Facebook Platform. Although the platform itself had been available for several months prior to this release, a host of new features were announced at f8, the Facebook developer event in San Francisco. This launch generated a lot of press coverage -- from the Wall Street Journal to TechCrunch. But the important question is: why should you care?
The face of Facebook (click to view image)
According to Alexa, Facebook is one of the top 20 sites on the Web, and it has some impressive statistics:
- The site's growth is around 3% per week, which equates to 100,000 new users per day.
- 50% of registered users visit the site every day.
- The site attracts more traffic than eBay: 40 billion page views per month, which equates to an average of 50 pages per user, per day.
Just looking at these statistics should start you thinking about the ways in which you can leverage this level of traffic to benefit your own web site. If you could tap into the Facebook userbase, you could very easily and quickly increase the audience's awareness of your brand, product, service, or web site.
Let's consider a real-world example. I'm currently working on welovelocal.com, a UK directory that allows its users to find and review businesses. While this isn't necessarily a new idea, the site adds a social element whereby users can view reviews from their friends to find out about businesses that other users with similar interests are reviewing. And by leveraging Facebook, a site like this can significantly increase its exposure to a given user's network of friends.
For example, if Stacy, a welovelocal user, writes a review about a restaurant, that review will be published to Stacy's Facebook news feed. All of Stacy's friends on Facebook will be able to see that she's written a new review, and can click through to welovelocal to read it.
Can you see the potential?
You can work with the Facebook Platform in many ways, including creating apps that exist just within Facebook itself. However, I feel that the greatest potential lies with integrating Facebook into an existing site, and that's what I'll cover in this article.
The news feed is perhaps the most important element of the platform, as it adds a real viral element to any kind of notification you send out -- being able to reach the entire network of friends for any of your users is certainly a great feature. But there are many other avenues by which content can be communicated to users. For example, you can:
- Add a link to your own site from the left-hand menu bar of a user's Facebook profile page, as shown below.
A link has been added to a Facebook sidebar (click to view image)
- Add to a user's profile a content box that contains whatever content you like. With welovelocal, we use this to display the user's latest five reviews, complete with ratings and links back to the actual reviews on our site, as shown here.
A content box displaying a user's last five reviews (click to view image)
- Send requests to users to perform certain actions. For example, you could retrieve a list of your users' friends, and send a request to all of them to add your app to their Facebook profiles.
- Upload photos, create albums, get photos, and manage photos within Facebook. One use for this might be to access the photos a user has added to their Facebook account and pull them into your site, or to push photos that have been uploaded to your site back to Facebook.
How Do I Use It?
In this article, we'll walk through the basics of using the Facebook platform using PHP 5. If you're interested in integrating your site with Facebook using another language, there is plenty of information on the Facebook developers' wiki:
I was fortunate (or unfortunate) to develop the welovelocal application prior to the official platform release in May. This meant that I had to write my own code to call the functions. There is an official PHP 5 library as well as an unofficial PHP 4 version (see the PHP link above) that you can probably use to get up and running more quickly and easily than I did. However, in order to gain a proper understanding of how the platform works, it's worth looking at the raw interactions that take place.
First Steps
You must register for an API key before you can access the Facebook Platform. To do this, you'll need to sign up for a Facebook account, then add the "Developer" application to your Facebook account. You can do so by following the very simple instructions at www.facebook.com/developers. Once it's added, you'll find that the Developer application is very much like a normal Facebook group, but it has an additional link near the top of the page called "My Applications" which, when clicked, will display a list of all the Facebook applications that you have registered.
Once you've registered, you need to generate a key. Click the Apply for another key link and you'll be walked through the process of creating a Facebook application. There are a number of fields that you can provide optional information to, all of which are explained in the quick start guide on the Facebook Developers site.
Your application is actually now ready to be used, although it won't do anything! Depending on what you want your application to do, your users may need to perform a number of steps to install your app into their Facebook accounts. The process usually consists of them clicking an Install link, then confirming the request, as shown here.
Adding an application to a Facebook account (click to view image)
Once the application is added, it will appear in the user's news feed and on their mini-feed, both of which are viewable by all their friends -- your first bit of free publicity!
Authentication
Your application is ready to be used, but of course you'll want to provide some content for your user. The two most important features for web site owners are:
- the ability to publish items to the news feed
- the ability to add a profile box
Before you can use either of these pieces of functionality, you need to authenticate the current user with the Facebook platform.
Each call to the Facebook Platform API requires a session key that identifies the user who's logged in and is using the system. To obtain this key, you must make a call to the Facebook API that redirects the user to log in to the Facebook web site and authorize the request.
One hurdle here is that this authorization provides a session key that only lasts for a certain period of time -- around 24 hours. A key that didn't expire would be much more useful. Fortunately, we can obtain such a key by following these two steps, which I'll explain in more detail in a moment:
- First, ask the user to authorize your application so that it can access the user's account on Facebook. This returns auth token 1, which generates a session key that expires after 24 hours.
- Then, ask the user to generate auth token 2, which they should then paste into a form on your web site. With this token in place, you'll be able to generate a session key that never expires.
Once you have the final token, you can request a permanent session key by calling the facebook.auth.getSession function.
But first, allow me to elaborate on those two steps.
Step 1 - Obtaining Auth Token 1
From your web site, direct your user to Facebook using a URL appended with your API key, like this: www.facebook.com/login.php?api_key=APIKEY (where APIKEY should be replaced with your own API key). If the user is not currently logged in, they'll be asked to do so.
The user will then be asked to accept any terms of service you set, and will be redirected to the callback URL that you specified when creating the application. This can be changed by editing your application through the Developer link in Facebook's sidebar.
With the redirect in place, Facebook will append ?auth_token=TOKEN to the URL, using an actual authentication token. You can use this token with the facebook.auth.getSession function; it's available as a GET variable in PHP.
However, because we want to get an infinite session, that auth token is actually irrelevant -- we need to get another token that we can use to get a permanent session key. If we were not interested in an infinite session, this is where we would stop. We could use the auth token with the facebook.auth.getSession function below.
Step 2 - Obtaining Auth Token 2
Once your user has returned to your site after logging into Facebook, you'll need to send them to www.facebook.com/code_gen.php?api_key=APIKEY. Back on the Facebook site, the user will be asked to generate a token that will be displayed to them. They must then copy and paste it into a form on your web site -- it's not passed through via GET/POST. It's up to you to create a form that accepts this token from your user.
Once the user has submitted this second token to your site, you'll need to call the facebook.auth.getSession function, passing the token as a parameter. This will finally return a session key that you can use continuously to authenticate that user; this key could, for example, be stored in the database alongside the user's account for easy retrieval in the future.
It's important to note that, should the user delete your application from their Facebook account, they'll need to repeat this authentication process in order to use your Facebook application. You should therefore provide the option for the user to reset their Facebook integration and set it up again. If you're storing the user's session key in the database, this task would simply involve deleting that session key and taking the user through the two-step authentication process above.
No comments:
Post a Comment