Tell-all: How we got through Facebook App Review

July 19, 2018

Share on Facebook Share on Twitter

Facebook introduced the new App Review process to ensure developers use granted permissions for no ill intent. Processing lasts up to several weeks, and in case of a rejected submission, feedback can be generic and scarce. Thus, we would like to share our experiences and describe how we got our app approved.

chatpointment offers a Chatbot-as-a-Service for appointment booking. With our web app, service providers can connect chatpointment’s chatbot to their Facebook page to let customers book via Messenger. To allow us to do that, we need approval for two essential permissions:

  • pages_messaging to allow our bot to respond to messages
  • manage_pages to subscribe our bot to a Facebook page

Prior to our submission for the new review process, we already had these permissions granted from an earlier review.

Messenger: Easy Rider

Our follow-up App Review For Messenger submission to obtain pages_messaging was quite straight-forward. We filled in the form and gave a short description regarding the bot’s purpose and how to test it. In our case, we justified the need for pages_messaging to respond to messages from users who book appointments with our bot. We explained how to interact with the bot and gave examples of key phrases that would trigger meaningful responses. For testing purposes we referred to Get Cut Or Try Dyeing, one of our public Hair Studio demos. That’s it!

Within a few hours after submission we already saw “Messenger Review Team #2” chat with our bot. The conversation was brief and consisted of a handful of interactions with buttons and carousel templates. The next day we got approval for pages_messaging and an invitation for business verification.

easy rider feeling excited messenger permissions approved
When Facebook approves your requested permission.

App Review: First Blood

Our App Review for Facebook Login submission to obtain manage_pages was of course more involved. We created a detailed screencast of how to log in to our web app and how to setup and connect our chatbot to a business page. To accompany that, we wrote up detailed step-by-step instructions on how to use the application and which permissions were needed for what.

We covered two different scenarios: One for a registration from scratch, and another one for a user who had already signed up before - a situation we have prepared with a test user. To cut the long story short: We clicked ‘submit’ and felt like we should earn a medal for our thorough submission.

Guess what.

Our submission was rejected two weeks later. Wow. We had not anticipated that. Following the Messenger Platform Developer Community we knew others struggled with their review. But we were doing everything right, right…?

The reasons given for our rejection seemed confusing at first. Allegedly, our login was not working properly and it was not clearly visible how our app used the requested permissions. We were pretty frustrated thinking that the reviewers just did not understood how to log in, although we had clearly described that step. In fact, each step of our screencast was meticulously captioned and explained which permissions applied.

Time to rethink.

We got off our high horse and digested the little feedback we got. How is it possible that the review team would not manage to log in? Well, it turns out we had split login and signup into two different buttons. Although authentication with Facebook applies for both, signup required to check an ‘I agree’ box. So, a login attempt without being signed up caused a ‘Sign up, please!’ prompt, only.

thinking with coffee meme chatbot design to improve user experience
When Facebook rejects your requested permission.

Keep it simple and stupid.

What seems logical at first, may easily be misunderstood. Especially when you are busy reviewing hundreds of apps a day… We concluded to simplify our login and offer just a single button that would cover login and signup alike. Additionally, we used a recommended ‘Continue with Facebook’ button to make it even more clear what’s going on.


Once logged in, a few setup steps had to be taken before one was able to connect a bot to a page. For instance, setting up a calendar and specifying staff members. These boilerplate activities caused our screencast to become longer than it had to be in order to get to the interesting parts showing how the requested permissions were used. The intent to shorten the screencast pointed us in the right direction: Make sign-up simpler and faster.

Thus, we re-structured our app, added meaningful defaults and managed to get from registration to the bot’s first response in less than a minute. Perfect for the screencast, and a real usability improvement. We also shortened our textual description. We went with a single usage scenario (fresh registration) and focused on ‘how’ to test and not on ‘what’ the app does.

Show ‘Em Whatcha Got

The remark that one would not clearly see how our app used the granted permissions puzzled us at first, because our screencast was riddled with explanatory comments. When making the screencast, however, we subconsciously viewed it through the eyes of the reviewer and not the actual user, who should experience a benefit from granting permissions.

Instead of beefing up the screencast with more director’s comment, we instead improved our app in such a way, that it became self explanatory how user-granted permissions were used. For instance, we labeled a drop down with an easily understandable message (‘Facebook pages you are admin of’) to clarify why pages_show_list was requested.

App Review: Reloaded

After making these adaptations, we resubmitted and got a positive response after ten days. The video below shows the submitted screencast for our second, successful attempt. It shows the login of a test user ‘Paul’, who is admin of a single page, for which he activates chatpointment’s chatbot. To prove that the bot is subscribed correctly, the final step shows him messaging his own page.

The instructions below complemented our screencast:

1. Log into Facebook as a test user: “Paul Frank Paulie Vario”, 147825336******, paul******, Password: *******
2. Visit our app
3. Login with Facebook by clicking on ‘Continue with Facebook’.
3.1 Grant ‘email’ permission (we need additional contact information).
3.2 Grant ‘pages_show_list’ permission (we use this to show a list of pages in the drop-down).
4. After successful login, you are on the ‘Status’ page.
5. Choose ‘Testpagepaulvario’ from the drop-down.
6. Press ‘synchronize’ to import business details from the page’s public data.
7. Click ‘Activate your chatbot’ at the bottom of the ‘Status’ page.
7.1 Grant ‘manage_pages’ (we use this to subscribe our app to the page).
7.2 Grant ‘pages_messaging’ (we use this to respond for the page).
8. chatpointment is now subscribed as an app to the page ‘Testpagepaulvario’.
9. Click ‘Talk to your chatbot’ at the bottom of the ‘Status’ page.
10. Log into Messenger as a test user: “Paul Frank Paulie Vario”, 147825336******, paul******, Password: *******
11. Chat with your bot in Messenger.

Closing thoughts

Facebook’s App Review process has caused plenty of grief among developers. However, one can view the App Review step as an opportunity to rethink and redesign. For chatpointment the results were improved usability through simplification and clarification. Maybe our shared experience can help others getting their apps approved more smoothly.

Finally, we would like to thank Lars Schwarz and Alex Muramoto, who moderate the Messenger Platform Developer Community, for their efforts and community support. Kudos!