Required Permissions by Platform
A reference of the API permissions SoSocial needs for each social platform.
Permissions Overview
When you connect a social media account, SoSocial requests specific API permissions (also called “scopes”) from each platform. These permissions control what SoSocial can and cannot do with your account. Here’s a breakdown of what’s needed and why.
| Permission | Purpose |
|---|---|
| pages_manage_posts | Create and publish posts on your Facebook Page |
| pages_read_engagement | Read comments, reactions, shares, and other engagement metrics |
SoSocial only accesses your Facebook Page — not your personal profile. All publishing and analytics features operate through the Page Access Token.
| Permission | Purpose |
|---|---|
| instagram_basic | Access your Instagram Business Account profile information |
| instagram_content_publish | Create and publish posts, Stories, and Reels to your Instagram account |
Instagram permissions are granted through the Facebook OAuth flow, since the Instagram Graph API is accessed via Meta’s platform.
X/Twitter
| Permission | Purpose |
|---|---|
| tweet.read | Read your tweet data and timeline information |
| tweet.write | Create, publish, and delete tweets on your behalf |
| users.read | Access your account profile information (name, handle, avatar) |
These scopes are requested during the OAuth 2.0 with PKCE authorization flow.
TikTok
| Permission | Purpose |
|---|---|
| video.upload | Upload and publish videos to your TikTok account |
| video.list | Access your published video list for analytics and tracking |
Why These Permissions Matter
SoSocial follows the principle of least privilege — it only requests the permissions it actually needs to function. Each permission maps directly to a feature:
- Publishing requires write/post permissions
- Analytics requires read/engagement permissions
- Profile display requires basic read permissions
What If I Deny a Permission?
If you decline a permission during the OAuth flow, the related feature won’t work. For example:
- Denying
pages_manage_postsmeans SoSocial can’t publish to your Facebook Page. - Denying
pages_read_engagementmeans analytics data won’t be available for that account.
To fix this, disconnect and reconnect the platform, granting all permissions during the new OAuth flow.
Revoking Permissions
You can revoke SoSocial’s access at any time directly from the platform:
- Facebook: Settings > Security > Apps and Websites
- Instagram: Settings > Apps and Websites
- X/Twitter: Settings > Security > Apps and sessions
- TikTok: Settings > Security > Authorized apps
After revoking, disconnect the platform in SoSocial and reconnect when ready.