Required migration to token-based access for User Picture and oEmbed endpoints

As part of our Graph API 8.0 release, we announced breaking changes to how developers can access certain permissions and APIs. Starting 10AM PDT on October 23, 2020, developers need to migrate to token-based access in order to access User Picture and oEmbed endpoints for Facebook and Instagram.

This post outlines these changes and the necessary steps developers need to take to avoid disruption to their app.

User Picture

Facebook will now require client or app access tokens to access a user’s profile picture. Beginning on 10AM PDT on October 23, 2020 queries for profile pictures made against user IDs without an access token will return a generic silhouette rather than a profile picture. This is a breaking change for partners. While client or app tokens will be required for user ID queries, they will continue to be a best practice (and not required) for ASID queries for the time being.

Facebook and Instagram oEmbed

We are also deprecating the existing Legacy API oEmbed endpoints for Facebook and Instagram on 10AM PDT on October 23, 2020, which will be replaced with new Graph API endpoints. If developers don’t make this change and continue to attempt to call the existing oEmbed API, their requests will fail and developers will receive an error message instead. These new endpoints will require client or app access tokens or ASID queries.

Ready to make the switch? You can read more about these changes in our developer documentation for User Picture and also visit our changelog for Facebook OEmbed and IG OEmbed for details on how to start calling these Graph API endpoints.