So Facebook recently changed the policy about their API. Yes, Cambridge Analytica ruined it for everybody. Facebook has limited API access and included also app review for most of the permissions an app requires. Though there are still some loopholes but recently they almost closed everything saying your app has to pass through review.
So they basically want to see how you use their API. But this is with the assumption that you are dealing with user data. For example, having a Facebook login for OAuth on your website and when a user uses the plugin to login to your website, you request permissions from the user (e.g., permission to post the user’s behalf). The permissions could be for user profile or the privilege to manage the users pages.
The problem comes here. What if you want to access your own data? Do you have to pass through the review? As long as you’re only accessing your own data, it should NOT be a problem. So, basically, I create my access_token via Graph Explorer and use the API to access my data.
When Facebook required app review, I submitted the app along with a screencast (as they requested). I got a response saying they don’t see the login plugin in the video. But I don’t use the fucking login plugin because I am not asking people to login using Facebook. Basically, I don’t use the app to interact with Facebook users.
I explained in details what I want to do and the fact that my app is not related to users. Their response was “we can’t find the login plugin on our website.” For fucks sakes, Facebook.
During all this time, the API was working on and off without review for a reason that I do not know. And the people I have been in contact with were developers not just tech support (at least said Facebook). Why they were not able to understand the use-case is beyond me. This is the point where I said fuck their API. I will find a way, though it will be painful, because Facebook API has become useless.
The fix should be very easy though for Facebook. If an app is not reviewed, just limit the access to the app developer’s data/page/group… just like when the app is in development mode except being able to publish on your profile/page/group.