Facebook Integration

Last updated: April 11, 2026

SocialRoar uses the official Facebook Graph API to help businesses, agencies, and creators manage comments on their Facebook Pages. This page documents exactly which permissions we request, why we request them, what we do with the data, and how users benefit — for use during Meta App Review.

What SocialRoar does with Facebook

SocialRoar connects to a Facebook Page that the user owns or administers. Once connected, SocialRoar:

  • Loads comments on the Page’s posts, photos, videos, and reels into a unified inbox;
  • Classifies each comment by sentiment and tags it (question, complaint, praise, spam, purchase intent) using AI;
  • Generates AI-suggested replies grounded in the brand’s knowledge base;
  • Posts the user-approved reply back to Facebook;
  • Hides, unhides, or deletes comments — only when explicitly requested by the authorized user — to manage spam and harassment;
  • Surfaces engagement analytics: comment volume, response time, sentiment trends.

Step-by-step user flow

  1. The user signs in to SocialRoar.
  2. From Settings → Connected Accountsthe user clicks Connect Facebook Page.
  3. The user is redirected to Facebook’s OAuth dialog and selects which Pages to grant SocialRoar access to. They explicitly approve the requested permissions.
  4. SocialRoar exchanges the OAuth code for a long-lived Page access token, stored encrypted at rest.
  5. SocialRoar subscribes the Page to the feed webhook so new comments arrive in near real time.
  6. New comments appear in the inbox with sentiment, tags, and an AI-suggested reply. The user reviews and approves, edits, or replaces the suggestion.
  7. On approval, SocialRoar posts the reply via the Graph API using the Page access token.

Permissions requested and why

  • pages_show_list — to list the Pages the user manages so they can pick which ones to connect.
  • pages_read_engagement — to read comments and engagement on the user’s Pages. This is the core read scope of the product.
  • pages_manage_engagement — to post reply comments and to hide, unhide, or delete comments on user instruction.
  • pages_read_user_content — to read user-generated content (comments left on the Page) so it can be displayed in the inbox.
  • pages_manage_metadata — to subscribe and unsubscribe Page webhooks for comment events.
  • business_management — only when the user manages Pages through Meta Business Manager, to list and select the correct business asset.

We only request these scopes, and only at the moment the user chooses to connect a Facebook Page. We never request permissions we do not actively use.

How the data is used

Comment text, commenter public profile information, post identifiers, and engagement metrics are loaded into the user’s SocialRoar inbox. To generate an AI reply, the comment text and relevant snippets from the user’s knowledge base are sent to our AI provider (Anthropic) under a no-training contract. Replies are only posted back to Facebook after the user explicitly approves them.

We do not use Facebook-derived data for advertising, retargeting, model training, or to build profiles for purposes unrelated to the features described above. We never sell this data.

Storage, retention, and deletion

Page access tokens are encrypted at rest and never exposed to the browser. Comments and replies are retained while the Page remains connected. When the user disconnects the Page, deletes their account, or removes SocialRoar from Facebook → Apps and Websites, we delete all associated Facebook data within 30 days. See our Data Deletion Instructions.

Compliance

SocialRoar complies with the Meta Platform Terms and Developer Policies. We do not transfer data we receive from Meta to data brokers, ad networks, or analytics platforms beyond the service providers described in our Privacy Policy.