Home » Php » php – Facebook OAuthException: "user hasn't authorized the application to perform this action"

php – Facebook OAuthException: "user hasn't authorized the application to perform this action"

Posted by: admin July 12, 2020 Leave a comment


Using the Facebook PHP SDK, I’m getting the following error when I try to post a status update:

Fatal error: Uncaught OAuthException:
(#200) The user hasn’t authorized the
application to perform this action

These are the steps I’ve taken:

  1. Get code:

  2. Get access token:

    https://graph.facebook.com/oauth/access_token?client_id=FB_APP_ID&code=CODE&client_secret= FB_SECRET&redirect_uri=REDIRECT_URI
  3. Attempt the status update:

    $fb = new Facebook(array(
        'appId' => FB_APP_ID,
        'secret' => FB_SECRET
    $post = $fb->api('me/feed', 'POST', array(
        'access_token' => ACCESS_TOKEN, 
        'message' => 'hello world!'

I don’t see any settings in my application that would authorize the application to do this, but maybe I’m missing something. Any suggestions?

How to&Answers:

Make sure you ask for extended publish_stream permission when you’re requesting code (added as the third parameter):

https://graph.facebook.com/oauth/authorize?client_id=' . FB_APP_ID . '&redirect_uri=' . REDIRECT_URI . '&scope=publish_stream'

Hope this helps.



I had the same problem and this post really helped me out http://facebook.stackoverflow.com/a/8502709/965536

The only difference with my problem was that I was using the PHP SDK but essentially it works the same. I used the api call

$permissions = $facebook->api('/me/permissions');

You can then run your checks

if(isset($permissions['data'][0]['publish_stream']) && $permissions['data'][0]['publish_stream'])

This works for me but someone may have a better answer. Also you should wrap your publish post stream in a try catch

Hope this helps.



I put here some more information:

Mark’s replied above has lead me to the right direction. But it took me another 5 hours to figure out the solution.

  1. I’m using omniauth-facebook for ruby on rails.
  2. I need to set the scope for omniauth (Please refer to https://github.com/mkdynamic/omniauth-facebook)
  3. I also ready this post from “Lu Chen” to set the right scope request

So, here is the result for omniauth.rb:

provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'],
        :scope => 'email,user_birthday,publish_actions'


Have you taken the other steps required to connect the user with your app and get them to authorize your app to perform these actions? You need to register the users then call showPermissionDialog to let them log in and authorize your app. That’s what this error is telling you.