Introducing Facebook Graph API v10.0 and Marketing API v10.0

Today, we are releasing Facebook Graph API v10.0 and Marketing API v10.0.

This release has many announcements, updates, deprecations and “undeprecations” that may impact how your application(s) integrate with our platform. This post outlines these updates and the necessary steps developers need to take to avoid disruption where applicable.

Detailed information regarding all the changes is provided below. For technical specifications, please visit our v10.0 changelog.

Visit the Platform Initiatives Hub to learn more about our Developer Platform.

Announcements and Updates

Data Use Checkup certification

To avoid losing your Facebook Platform API access, please complete Data Use Checkup (DUC) within 60 days of being enrolled. You can complete DUC by going to the “My Apps” page in your App Dashboard.

Last fall, Facebook launched Data Use Checkup (DUC), a new annual requirement for Developers to certify their API access and data use comply with the Facebook Platform Terms and Developer Policies.

As part of our gradual rollout to all apps, you'll receive a due date and further instructions via a developer alert, along with an email to the registered contact address and a notification in your Required Actions list on the App Dashboard.

For detailed instructions on completing DUC, you can refer to our developer documentation. You can also find out more in the DUC dedicated FAQs section.

Groups API 90-Day Data Access Levels and Data Limits:

Starting on May 24, 2021, when utilizing the Groups API, applications’ available data access window will be limited to 90 days.

We are also introducing tiered Groups API access for consumer applications based on if they are in Development Mode or Live Mode. Groups API permissions will now behave similarly to Standard and Advanced Access for business applications.

Today, apps in Development Mode can access all contents of Public Groups & Private Groups where the developer is an admin. After completing App Review, these apps can access all content from groups that have installed the app.

On May 24, 2021, apps in Development Mode can only access their own content in Public Groups & Private Groups where the developer is an admin. This means the app will not have access to content that other Groups users (without roles on the app) have published, such as posts and comments.

Learn more in the v10.0 changelog

Access Levels for public_profile and email permissions for Business Apps

As part of our ongoing initiatives to safeguard and protect user data, we’ve added the public_profile (i.e. Default Public Profile Fields) and email permissions to the access levels model we announced with Graph v8.0 for new and existing business type apps.

Newly created business type apps now start with Standard Access for the public_profile and email permissions. When an app has Standard Access to public_profile, only users with a role on the app or business that’s claimed the app can search for or log into the app. If you need external users to log into your app, app admins can request Advanced Access in the App Dashboard. This access will be auto-granted.

Learn more in the v10.0 changelog

Data Deletion Requests Reminders

As announced on November 10, 2020, Consumer & Gaming app types submitting for App Review or transitioning from Development Mode to Live Mode will be required to provide a data deletion request callback, or a URL with explicit instructions for users on how to request deletion of their data. We plan to enforce this requirement by November 10, 2022 and will remind app developers 60-days prior to enforcement.

Graph Ads Insight API Change Options for Retention Reduction Project

Ads Manager UI will no longer support reporting of Ads Insights metrics data older than 37 months. The API will return an error when the request contains date ranges beyond the 37 month retention. We are disabling the 'date_preset = lifetime' and replacing it with 'date_preset = maximum.'

Graph API v10.0 changes to Ads Insight, except for 'date_preset = lifetime,' will be applied to all other versions of the Graph API after 90 days. The specific field called does not need to change. There will be preset functionality, and all "Lifetime" calls will default to 37 month retention as maximum.

This change will not impact data related to ad creatives, audiences, delivery settings, or ad object names, and there will be no change to the calculation of existing metrics. This change will apply across Ads Reporting surfaces, including Ads Manager, Ads Reporting, and Lightweight Ad Experiences.

• Day of Release 2/23/2021:
  • Version 10.0
    • Enable 'date_preset = maximum'
    • Disable 'date_preset = lifetime'
    • Return error when request contains explicit date ranges that are beyond the 37 month retention
  • Versions 9.0 and below
    • No change to current functionality
• 90 Days Post Release - 05/24/2021:
  • Versions 9.0 and below
    • Enable 'date_preset = maximum' (same as new version)
    • Return error when request contains explicit date ranges that are beyond the 37 month retention (same as new version)
    • date_preset = lifetime' can still work but it only return data within 37 months, that is to say, it behaves like maximum

Learn more in the v10.0 changelog

New Deletion Policy for externally-owned data on ThreatExchange

Beginning May 24, 2021, when partners set an expire_time on the data they upload to ThreatExchange, we will “hard delete” data at the expiration time mentioned. If you wish to indicate data is no longer valid, set the "expired_on" field to delete automatically.

Formerly, "soft" delete meant that we label expired content as expired. We no longer support soft deletes, and after content expires, it will be hard deleted and will no longer be visible in ThreatExchange.

Additionally, all non-Facebook ThreatDescriptors in ThreatExchange will be hard deleted once they expire. The expiration time will continue to be set by the creator of the ThreatDescriptor. Deletion will then begin on all expired ThreatDescriptors not created by Facebook. If your application currently has expired ThreatDescriptors that you do not want to delete when this policy goes into effect, you must push back the expiration date or set it to "0" to ensure that the data never expires.

Click here to learn more about the changes

Targeting Changes in new API

On May 24, 2021, we'll no longer ask for location_spec and country parameters when creating a Lookalike Custom Audience across all versions of the API.

When creating a Lookalike Audience, the user selects the Lookalike source and the desired ratio. The location for the Lookalikes will be defined by the country location in the campaign’s targeting specification. There will be no impact on existing campaigns given this change. This change will only impact new and edited campaigns.

Launching new Platform Live Status page

The new Facebook’s Business Status page will increase transparency and proactive communication with external developers using Facebook’s Platform Products. This page will provide a centralized place to check the platform status of Facebook's business products (Ads, WhatsApp Business API, Facebook Developer Platform, etc.). The page is currently live for Ads Manager and Whatsapp Business API, and additional business products will be added through May 2021.

Deprecations

Deprecation of the Go Live Dialog

On May 24, 2021, we will be deprecating the Go Live Dialog (GLD) SDK. This deprecation of a legacy live production tool will occur across all versions of the API. This change will only impact live broadcasting on Facebook. We encourage developers to use the Live Producer and Live API for all bespoke live production solutions.

Solutions to go live once the GLD SDK is deprecated:

• Access Live Producer directly via facebook.com/live/producer (or other entry points on Facebook such as the “Live Video” button on a Page or Profile)
• Integrate any custom solutions with the Live API

Learn more in the v10.0 changelog

Connections Targeting Deprecation

On May 24, 2021, Connections Targeting will no longer be supported when creating/editing an adset. This requirement will only impact new and edited campaigns, and there will be no impact on existing campaigns.

Learn more in the v10.0 changelog

Undeprecations

Undeprecate endpoint gr:delete:Page/tabs

When we launched Graph API v8.0, we deprecated the gr:delete:Page/tabs endpoint for the Pages Tabs. We have decided to undeprecate this endpoint immediately for Graph API v10.0 and will reinstate its access on May 24, 2021 in all other Graph versions.

Learn more in the v10.0 changelog

Undeprecate endpoints gr:post:Business/business_users, gr:post:Business/system_users, and gr:post:User/access_tokens

When we launched Graph API v9.0, we restricted access to three business endpoints:

• gr:post:Business/business_users
• gr:post:Business/system_users
• gr:post:User/access_tokens

As of the launch of Graph v10.0, we will re-open these endpoints to API calls when apps meet either of these two conditions:

• The target business is the owning business of the calling app
• The target business is a child business (in a Business 2-Tier model) of the owning business of the calling app

Learn more in the v10.0 changelog

Action Item Calendar

Marketing API Version Deprecations:

As part of our Marketing API versioning schedule, please note the upcoming Marketing API version deprecations:

• March 3, 2021: Marketing API v7.0 will be deprecated removed from the platform
• May 4, 2021: Marketing API v8.0 will be deprecated removed from the platform
• August 25, 2021: Marketing API v9.0 will be deprecated removed from the platform

To avoid disruption to your business, we recommend migrating all calls to the latest Marketing API version that launched today. (Visit the changelog for more details).

Graph API Version Deprecations:

As part of our Graph API versioning schedule, please note the upcoming Graph API version deprecations listed below:

• May 4, 2021: Graph API v3.2 will be deprecated removed from the platform
• August 3,2021: Graph API v3.3 will be deprecated removed from the platform

General Deprecations

• May 24, 2021:
  • Go Live Dialog will be deprecated and removed from the platform
  • Connections Targeting will be deprecated and removed from the platform

Developer Action Required

• Rolling Enrollment: Data Use Checkup certification
  • Once enrolled, completion required within 60 days
  • DUC dedicated FAQs section.
• February 23, 2021: Launch of Graph Ads Insight API changes only for Graph v10.0
• May 24, 2021:
  • Launch of Graph Ads Insight API changes for Graph v9.0 and below
  • Changes to Access Levels Based on App Review go into effect
    • Groups API data access limited to 90 days
    • Groups API tiered data levels implemented
    • Change to public_profile and Email Permissions for Business Apps goes into effect
  • New “Hard Deletion” data policy on ThreatExchange is implemented
• November 10, 2022: Data Deletion Requests Deadline