Facebook bot analytics event logging

I am currently working on a messenger bot and am trying to log additional events using facebook's app analytics platform.

Relevant documentations:

Events for messenger bots
Activities endpoint documentation

Example request (app information censored):

curl -F 'event=CUSTOM_APP_EVENTS' \
 -F 'custom_events=[{"_app_user_id": "1", "_eventName": "my-test-event"}]' \
 -F 'advertiser_tracking_enabled=0' \
 -F 'application_tracking_enabled=0' \
 -F 'extinfo=["mb1"]' \
 -F 'page_id=xxx' \
 -F 'page_scoped_user_id=xxx' \
 -F 'access_token=xxx' \
 https://graph.facebook.com/xxx/activities

Problem:

When issuing the request above, the event will appear on my analytics overview (https://www.facebook.com/analytics/xxx/?section=AppEvents) but without the actual event being recorded. The amount of events received stays at zero and the event debugger won't show any activity.

If I send the event without an access token (same request as above, just without the token) the event will get processed correctly.

While I can get it to work this way, I really don't think posting events without an access token should be working at all.. couldn't just everybody post them for my application?

The application is currently still in sandbox mode, so the issue might be related to that. Does anybody have experience with that?

Quick edit: Facebook themselves appear to be sending the request using an access token as seen int he facebook sdk for android.

回答1:

Access token is not required for this Graph API call to submit messenger bot events. Did you get errors while sending "valid" page_scoped_user_ids? If so, could you please reach out to support with more info? (App Id, page scoped user ids that gave the error)?

回答2:

Writing the events is limited by your ability to identify a valid appId, pageId, page scope user id triplet - no protection is afforded. I think drop the access token - you can use it to read event data but not write it.

The page_scoped_user_id must be a Facebook page scoped user id and the page_id similarly valid. Are you using invalid ones as part of testing? That might be why they don't all get through.