The facebook chat api is a power tool. From a purely technically point of view, it definitely does more than its predecessor of private messages in the Graph API.
This brings up a question of where Facebook is drawing the line of abuse of its chat api.
So here's how I'm planning to use the Facebook chat api for my app.
The app is an event planning app that lets users invite their friends to an event. Other than sending SMS, and emails to notify the guests, the most reliable way is to send invitations through the list of facebook friends. And let's face it, sometimes you may not have the person's phone number in your contact book, and you definitely don't remember most of their emails, so facebook is your only source for reaching them.
So I need a solution to send invitations to the guests. Here are my requirements and conditions:
- The guest is a facebook friend of the user
- There's no way of obtaining the guest's email (unless the user enters it) or phone number (ie. sms is not an option)
- Each guest must receive a link that is unique to him/her
- No one else should be able to obtain this link (ie. the message shouldn't be seen publicly)
- It must not require the user's interaction to send these invitations (imagine having the user confirm a facebook post 10 times for the 10 facebook friends he's inviting). The invitation must be sent automatically.
Here's the obstacle. Facebook had revoked the functionality to send private message recently (I was able to have my facebook friends send me private messages via an app just over a month ago, not anymore). However, I discover that I could do so using Facebook Chat API.
This seems to be a grey area, my app is using the chat api for the sole purpose of helping the users notify their friends of their event invitation. There's no intention of abuse (such as mass messaging everyone of the user's friends with a link to my APP/website). Is Facebook going to hunt me down and revoke my App's privilege to use Facebook's API?
Can anyone shed some light on whether my intended usage of the API is an abuse or is it legitimate? If it is not legitimate, what are your suggestions.
I'd recommend using core functionality wherever possible here. For example, you could utilise the Facebook 'Event' object and the Graph API to create invite-only events and to invite individual friends of your app's users. This would deliver the same functionality without the need for nonce-based invite URLs and possible misuse of the Chat API. Take a look at https://developers.facebook.com/docs/reference/api/event/#invited for details.