[dranov]

Apparently, v1.0 of the Facebook Graph API could access users' private messages via the 'read_mailbox' API request [1]. This was deprecated when v2.0 launched.

"Version 1.0 of the Graph API launched on April 21, 2010. It was deprecated in April 2014 and closed completely to legacy apps (ie, existing apps that used the API before April 2014) on April 30, 2015."

[1] https://medium.com/tow-center/the-graph-api-key-points-in-th...

[b212]

But why? Why would anyone set up an API access to PRIVATE messages. That's crazy :o

[spike021]

On one hand it's actually a fairly reasonable API. Imagine using third-party AIM clients a decade or more ago. Same kind of thing.

[ex3ndr]

They never provided ability to send messages. This is a useless thing for AIM clients.

[simcop2387]

You used to be able to connect to facebook messenger via XMPP. Combined with this permission, it would have let you retrieve historical messages and add persistence among alternative clients.

https://news.ycombinator.com/item?id=9266769

[spike021]

Actually they did. I used the old OSX iChat to message with friends on FB.

Other third party applications had that ability as well.

[RobLach]

Facebook's agenda at that point was get as many developers onto their platform by enticing them with all this access to "data people gave away".

[liquidise]

If Adium, Pigeon, or another collective chat application needed that permission at the time to combine my facebook and AIM lists into a single application, i would have certainly understood it.

[clusmore]

In late 2013 I used (I think) the Graph API to pull my own private chat messages so I could see what messages I sent and received on a particular day, to remind myself when certain events happened. I can't think of many good reasons for this API to exist to third parties, but it was pretty handy for my own data.

[thinkingemote]

A third party messaging client would need it