Marketing API Video 2: Core Components and Requirements
In this video, you will learn about the differences
between ownership, access, and permissions and understand why this is a fundamental concept
when integrating with Meta APIs. You will also learn about core components
to start a successful Meta API integration. Imagine you own an e-commerce website
for sports equipment and operate marketing campaigns
to drive traffic to your website. A Business Manager is a central space
to manage your business which may include assets such as pages,
ad accounts, pixels, and audiences.
Within a Business Manager, you may also have employees
who require access to your business. At some point, you may also decide to hire an agency or a partner to delegate and enhance your marketing efforts. To be able to grant your partner access to your assets,
you first have to create a partner relationship. This allows you to share assets and apply user
permissions to specific users across Business Managers. However, in order to start an integration with any of our APIs,
you will need additional core components. You must first register
as a Meta developer and create a developer app. In addition, every API request must be escorted
with an access token. We are now going to expand on all the core components
to ensure you are fully equipped to get started with a Meta API integration. To access certain products and developer features, verification of your business
as a legitimate entity is required. You can initiate the verification process
through Business settings. In most cases,
API integrations center around manipulating assets. Some examples of assets
include ad accounts, pages, pixels, offline event sets, developer
apps, catalogs, or custom conversions.
Sometimes it can be useful to create business
asset groups, which allows you to organize assets on the teams working on them. As a Partner,
you may wish to scale to many advertisers at once. The Business On Behalf Of API allows a Partner
to simultaneously create a System User, share a developer app and generate a
System User access token. This solution allows Partners to manipulate assets
at scale, all on behalf of an advertiser. When integrating with the Meta APIs, ensuring access
to assets for a user is an important prerequisite. There are two user types: people and system users. Both types can be either an admin or employee. People are always tied to an individual,
which is not always suitable for automating processes. This is because people may leave businesses. This is where a System User is useful as it is not tied to a real person
but can still be granted access to assets.
System Users represent software or servers
making API calls. Admin System Users
should be limited to administrative actions. They have elevated permissions
to help you create other System Users, ad accounts, apply user permissions, and more. You can add a person to a Business Manager and grant them access to assets with
specific permissions through Business Manager settings. Alternatively, you can manage user permissions
via the Business Management API, and this is especially helpful and important
when scaling across large businesses. A developer app is a gateway to access
Meta technologies. In order to create a developer app,
you first need to set up a developer account. This is a fundamental requirement. From here, you will have access to the Developer
App Dashboard and all of our products, SDKs, APIs, development tools, and developer documentation. You can connect the developer app with your Business Manager during developer app
creation, or later in your Business Manager settings. There are different types of developer apps.
Each type will be presented
with a selection of products, permissions, and features. The Business type is the most important for Partners. It’s used for managing pages, groups,
and marketing activities. You may also assign user access at this point too. There are four user roles
which can be assigned to a developer app. These include:
administrator, developer, tester, or an analyst. Each role grants a different level of access
to your developer app. We recommend that you only give
as much access to a person as they need. This provides greater security for your developer app and limits potential harm if a person's account is compromised. A developer app contains app permissions or features
addressing different use-cases.
App permissions control
which API endpoints may be accessed. For a Partner, some of the most important permissions are: ads_read, ads_management, and business_management. Features are used to unlock certain API capabilities
but generally do not control access to data. For a Partner, one of the most important features
is called Ads Management Standard Access. This unlocks lighter rate limiting, fewer restrictions, and is generally recommended
for scaling Marketing API integrations. Each app permission or feature is associated
with either Standard or Advanced levels of access. Standard Access is sufficient if a user or system user makes API calls to assets
within the same Business Manager. However, in order to access assets across Business
Managers, Advanced Access is required. All Business apps are automatically approved
for Standard Access for all permissions and features. Advanced Access, however, must be approved
for each individual permission or feature through an app review process. If you want to learn more about app review, please refer to video three in our educational series
for more information. Every API call is escorted with an access token. It is a unique hashed string used for authentication
purposes. Access tokens can be associated to either
a user, page, developer app, or a system user.
It specifies what type of actions and APIs that may be accessed, along with validity information
such as expiry or issue time. A user access token is required
any time a developer app makes requests to a Meta API to read, modify,
or write a specific action on a user’s behalf. For example, you can also use this to manage or read
advertising data of an ad account a user has access to. A page access token is similar to a user access token, except that it provides permission for a developer app
to manipulate the data belonging to a Facebook page. An app access token relates to a developer app. It can also be used to read and modify parameters
in a developer app and to assign or manage test users.
You can also generate tokens for System Users. These access tokens never expire,
which makes System Users a recommended way of accessing the Meta Marketing API on behalf of an advertiser
or when automating operations. For example, you could use a System
User access token to schedule a daily cron job which scans active ads
and to pull advertising insights. Or perhaps a job which would remove users
from a Business Manager when they leave a business. Let's summarize what we need for getting started:
A verified Business Manager. A user with a developer account.
This user needs to have a role in a Business Manager. Business assets that are either owned by a Business
Manager or shared by a partner Business Manager.
The user should have read, manage,
or admin access to these assets. The developer app which belongs to a Business Manager,
and a user which has a role in the developer app. And an access token, which is used for identification
of every API request sent. Building an API integration requires
all these components, in combination with the fundamental concept
of ownership, permissions, and access..
