If this is the first time you create a system user, you do not yet have a admin system user token. Start by getting a real admin user's access token in Business Manager .
Use your admin system user token or your own admin user's access token to create a system user.
Note:A system user can only be granted a role on an app if both the system user and the app belong to the same business. If your app needs to access data using a system user and access token belonging to another business, use the Business On Behalf Of API instead.
Here are the requests you need to get a system user token and make API calls. The first three steps are setup you can also do in Business Manager
. When you create your first system user, you use the access token of a real user, who is an admin
of the business manager.
To create a system user or admin system user via API, you need:
ADMIN
or EMPLOYEE
To create a system user, make a POST
request:
curl \ -F "name=Ad Server" \ -F "role=EMPLOYEE" \ -F "access_token=<ACCESS_TOKEN>" \ "https://graph.facebook.com/<API_VERSION>/<BUSINESS_ID>/system_users"
This returns the app-scoped id
of the new system user:
{ "id" : "100000008899900" }
This is the app-scoped ID
for a system user. You should use it to make API calls, not the canonical ID in Business Manager > System Users
.
To get the list of system users, you need an admin user or admin system user access token. The list includes admin system users, and their app-scoped IDs .
Make a GET
request:
curl "https://graph.facebook.com/<API_VERSION>/<BUSINESS_ID>/system_users?access_token=<ACCESS_TOKEN>>"
This returns a list of all system users, including admin system users, owned by a Business Manager:
{ "data": [ { "id": "1000081799813", "name": "Reporting server" "role": "ADMIN", }, ] }
You can change the name of a system user or admin system user:
curl \ -F "system_user_id=<APP_SCOPED_SYSTEM_USER_ID>" \ -F "name=FBX Server" \ -F "access_token=<ACCESS_TOKEN>" \ "https://graph.facebook.com/<API_VERSION>/<BUSINESS_ID>/system_users"
You cannot delete a system user or admin system user, but you can invalidate all access tokens for that user. Invalidate tokens by sending a DELETE
request to:
https://graph.facebook.com/<API_VERSION>/<APP_SCOPED_SYSTEM_USER_ID>/access_tokens
The response returns true
, if the call is successful. After that, you can generate new access tokens for the system user
, as seen above.