Capture The Conversation

2010 May

iPhone, Facebook, oAuth 2.0 and the Graph API. A Tutorial.

Room 214, May 25, 2010

NOTE: The source code for this tutorial is still linked below, however the FULL Facebook/iPhone Graph API can be found here:

The new Facebook Graph API looks to be the cat’s meow, the bee’s knees, the coolest thing since sliced bread. Ok, that’s a bit much… but it is a whole lot more powerful, easier and cross-platform consistent than the previous plethora of Facebook APIs.  The Graph API was announced at Facebook’s F8 conference just over a month ago.  At the time of release, I was surprised no iPhone SDK was made available. I fully expected that at least an unofficial SDK as well as full blown tutorials would be out en-mass by now, but to no avail.

Not nearly patient enough to wait for an official SDK or iPhone API from Facebook, I asked Google how to “Facebook oAuth 2.0 iPhone” and was disappointed with the results. It turns out, there are very few, woefully incomplete examples of how to authenticate to Facebook via oAuth 2.0, from an Objective-C / native iPhone application. The best implementation I found was a pseudo API, however I don’t care for it since it uses the old Facebook Connect authentication scheme, then implements the graph API on top of that layer.

Adding insult to injury, there was lots of news last week about the Android Graph API but no love for the iPhone:

“Facebook’s mobile development team soft launched a Facebook SDK for Android, bringing functionality that was previously only available on the iPhone to the Android platform. It gets better: Facebook gave the Android platform a de facto exclusive on two of its newest initiatives: Open Graph APIs and OAuth 2.0.”

Will M,

Aside:  My theory on why there’s not iPhone/Objective-C API is:  That functionality is going to be directly (and deeply) integrated in the forthcoming iPhone OS 4.0 (June?).

All of that being said, I slashed, burned and figured it out.  Here’s the result, a very simple end-to-end example of how to connect to Facebook via oAuth 2.0 on the iPhone.

Part 1: Connecting to Facebook with oAuth 2.0 on the iPhone

Part 2 of this series will cover how to interact with the Graph API.

NOTE: You can go to to play with the Graph API, directly in your browser.

Assumptions and requirements:

  • Facebook: You’ve installed the Facebook Developer Application.
  • iPhone: You’ve installed the iPhone Xcode SDK installed (I believe most any version will work) and have a some level of knowledge about objective-C, Interface Builder, etc.

Facebook Setup

  • Go to the Facebook developer App and install if you haven’t already
  • Once you’ve installed Setup a New Application
  • Next you need to configure a few app settings:
    • BASIC tab: enter an Application Name
    • AUTHENTICATION tab: un-check and leave everything blank
  • Save changes.  Save yourself some frustration and make note of the Application ID now.

Sample Code:

[download id=”3″ format=”1″]

iPhone Setup

Open up the Xcode project. There’s only 2 functions at play here:


This function is called as soon as the view has completely loaded.  It then asks the UIWebView to begin the oAuth 2.0 authorization process by sending a request to:

(NOTE:  display=touch, we’ll get back to this in a bit)


This function is called several times throughout the login process execution. These multiple web view finished calls have to do with server redirects within the oAuth 2.0 process flow. We’re only interested when the requested URL contains:


And the associated obj-c code to identify when this occurs is:

NSRange access_token_range = [url_string rangeOfString:@"access_token="];
if (access_token_range.length > 0) {

Then, this code extracts the oAuth token out of the URL we received back the Facebook oAuth servers:

int from_index = access_token_range.location + access_token_range.length;
NSString *access_token = [url_string substringFromIndex:from_index];

iPhone Configuration

In oAuth2TestViewController.m update the client_id variable with your Facebook Application ID:

/*Facebook Application ID*/
NSString *client_id = @"YOUR_FB_APPLICATION_ID";

Running the App

Once you’ve pasted your Facebook Application ID into the right place, you should be able to run the application straight away.

When you first launch the simulator oAuth2TestViewController it will automagically initialize the oAuth login procedure via the webView object. Barring any errors or configuration issues, you should get a Facebook login screen optimized for an iTouch device (NOTE:  thus the display=touch we made note of above). Finally after you’ve logged in you’ll see your oAuth access token in the Xcode debug console.

Sample Code:

[download id=”3″ format=”1″]

That’s it. No bells & whistles, no buttons, no Interface Builder, no UITableViewControllers; just the bare minimum required to get an oAuth 2.0 token via an itouch device from Facebook.

In part 2, we’ll interact with the Graph GETing from and POSTing data to it, using a pseudo-API.

Find me here: @dominicdimarco

NOTE: (5/27/2010 11:09 AM MST) The original post has been updated incorporating feedback from comments below.

Focus On The Aggregate Influencer

Room 214, May 25, 2010

I believe that you need to properly identify and reach out to individual influencers. It’s something we do for all of our clients. It’s an extremely important part of building relationships, and it’s a nuanced art. But people often miss the importance of understanding and reaching out to the groups or mediums most influential for a brand. Understanding the aggregate influencer is crucial to creating, honing and sharing content that really matters, and getting others to share it for you.

A Complicated Journey

When a brand creates a piece of information, that piece has a twisted, convoluted and often times unexpected set of adventures across the vast world of the interwebs. Once upon a time, this was the simple vision for the internet.

40 years later and things are not so simple. Interesting information about a brand can be shared on blogs, Twitter, Facebook, Youtube, email, Buzz, text and a wide variety of other places. From those individual social spaces, others can share, reshare, and create additional information. Individuals with no inherent interest in your brand can stumble upon it by reading tangentially-related stories on blogs. And now we’ve got the Facebook Like button, which lets individuals trace their way through the web by means of their friends’ interests.

It gets very messy, very quickly. You have to know what to track and where to start looking in order to determine what kinds of people, places and spaces are hotbeds of activity surrounding your brand. Knowing this information, you can then create sticky and relevant content and properly support communities that have the highest propensity to make content viral.

How To Make Sense Of It All

You need to figure out what it is that you need to know in order to better understand groups and places of influence.

  • What content gets shared most
  • Where it goes viral
  • What types of content are best fit to specific mediums
  • Types of sharing (ie a few individuals share a lot vs. many individuals share a little)

Above is a snapshot of a dashboard from Meteor Solutions. We placed a bit of Meteor’s code on a client’s website. It allows us to anonymously track how individuals are choosing to share content from this website. We can see what days had the most visitors from shared links, where those people came from, and what kind of content they liked (shared) the most. It also allows us to find out where the content is being shared, potentially uncovering message boards, Facebook communities, etc. that are important influencers for our client.

Untapped Influencers

There are also plenty of sources that aren’t coming directly to your own website, but could be. Here’s a snapshot of a Syomos MAP search on “shade-grown coffee”, which gives me insight into influential message boards and forums surrounding this topic.

It’s Never Static

Whether you like it or not, this work is never done. Key communities will change. The types of content most often shared will change. To build a following, you can’t just monitor for the crisis situations; you need to monitor for the most beneficial situations too. We use a host of tools to go about tracking conversations, content sharing and overall feedback, but that toolset changes constantly. I’d love to hear anything you’ve seen useful. I’d also be happy to talk more about what we use. Drop me a line.

Who Takes The Blame For The Internet Overshare?

Room 214, May 13, 2010


I vividly remember my first Facebook status update; I felt like I was crossing a dangerous threshold. This past January, I had an acquaintance tell me he enjoyed that I was always in his news feed, regardless of time of day. I took that as a bad sign, and had flashbacks to reading Emily Gould’s piece Exposed, which detailed her addiction to sharing online. Her job, and thus her life, was online, and over time her sense of privacy crumbled to a point of no return; every action was chronicled via blog, and every reader comment became part of a life-defining feedback loop.

How much are you willing to share online?

The New York Times did an interesting piece this weekend on the “Tell-All Generation”, chronicling a small shift as early 20-somethings realize their online persona is also their virtual resume. Yet, just as some freshly-minted college grads are realizing the discrepancy between their resume interests (volunteering, photography) and their Facebook interests (keg-stands, grilling), a slightly older set of consumers is working to remove the line between their offline and online selves, pushing the boundaries of privacy further and further. And companies are gobbling it up.

Opting-In, With Lots of Pressure

The Facebook privacy conversation is a much-debated topic, mostly because Facebook is trying to own the internet, and they’ll do that better (and make more money doing it) if they have a lot of personal data to work with. They claim they’ve got our privacy interests in mind, but making my info inaccessible is not in their best interest. Their VP of Public Policy argues that Facebook is an opt-in service, which is, of course, true. I’d argue that, within Gen X and Gen Y, the absence of a Facebook account is either a badge of honor or the mark of a social pariah.

Opting-In, With No Pressure At All

I’m far more interested, however, with the one-off services that consumers seek out themselves. I was shocked when Blippy first opened it’s virtual doors, asking consumers to share their intimate transaction data to paint a picture of our bizarre and unique spending habits. I opted out. My decision was vindicated when a few intimate transaction details ended up in Google search, but it appears that Blippy is still going strong, with over $150 million in monthly transaction data. Up next? CC: Everybody, a service that allows you to publish emails publicly, and have them open for public comment.

I Want to Mine Your Data
From a research perspective, I am fascinated. Every day, I have access to more and more data points, both individual and aggregate, that tell me the intimate details of peoples’ lives. No longer is an online persona just a perceived self, a la The persona can now be defined by tangible activities, even without going as far as Blippy. How often does an online shopping website ask if you’d like to share your purchase on Facebook? From a personal perspective, I’m a tad nervous, though I can’t quite pinpoint why. It will subside, and I’ll share more. Facebook is banking on this, not because they are pushing me in that direction, but because others are already doing so. Is it really Facebook’s fault?

Extra Reading

There is a ton of back and forth going on regarding this topic. This post is meant to just start the conversation. Feel free to post additional reads in the comments section.

Calculating Social Media ROI, Part One

Room 214, May 7, 2010

ROI is consistently the hot topic in social media. Everyone wants to know the magic formula, the mathematical equation that will produce (justify?) effective online efforts. Metrics in any program need to be focused on an end goal, and those end goals can normally be found in quarterly or yearly strategic business goals. This should come as no surprise; any marketing effort should be focused on driving a bottom line.

There are ways, however, to put some measurement into your online activity. Our Entertainment Group Practice Director, Wendy Hofstetter, came up with a way to get at this. This method takes the standard ROI analysis for a media buy (think banner ads), and applies it to social media efforts. You will be able to show how much your brand would need to spend in order to buy the equivalent amount of impressions you are generating in social media, and determine your ROI based on this amount.

Get Started

Let’s say you produce something you like to call Beer. Delicious! What a great product. We here at Room 214 support your decisions. You have multiple social media properties, including Facebook, Twitter, and YouTube. For each of these properties, you need to determine the number of impressions you are generating and a standard CPM you would pay online for advertising.


  • Facebook gives you an overall impression-per-post and daily impressions.
  • Your Beer page has 50,000 fans, with average daily impressions at 5,000.


  • As Twitter does not provide insights, it’s best to determine your number based on number of fans. Here, we will estimate that 10% of fans see any given update.
  • Your Beer Twitter page has 15,000 followers and makes 1 update a day.


  • YouTube is simply addition of all video views.
  • You have 24 videos about Beer uploaded this quarter, with a total of 200,000 views.

Doing the Math

Let’s determine a CPM for eyeballs (or as someone suggested to me today, a CPM for engagement). A simple online banner ad buy might come at a CPM $3.00. A behavioral-targeted campaign might come in at $15.00. Here, though, your eyeballs have already opted-in to hear from you. What is the cost of an impression like that? A conservative number could put you at $20.00. Assume you have a marketing manager spending 50% of his time managing your communities, at a yearly salary of $60,000.

Views: (5,000*365) + ((15,000*365)*.1) + 200,000 = 2,572,500 views

CPM: (2,572,500/1,000)*$20=$51,450

ROI: 51,450/30,000=1.715 (or 171.5%)

A Few Additional Thoughts

Based on the above calculations, you would need to spend over $51k to buy the same amount of impressions you’re generated by simply posting on your social media communities. And thus, you have a 171.5% ROI for your efforts. These numbers are representative of the fan-base for a medium-sized business. As managing communities takes time regardless of their size, the ROI is much higher with larger communities. I’d also like to note that there are plenty of factors NOT taken into account, like engagement, but I will dive into that in my next post.