HTTP/2 200
vary: Accept-Encoding
content-encoding: gzip
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-frame-options: DENY
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-JuAk8vYx' blob: 'self' connect.facebook.net 'unsafe-eval' https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://*.google-analytics.com https://translate.google.com *.google.com gw.conversionsapigateway.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://analytics.google.com https://*.analytics.google.com https://*.google-analytics.com https://*.googletagmanager.com https://stats.g.doubleclick.net gw.conversionsapigateway.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://*.google-analytics.com https://*.googletagmanager.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.doubleclick.net *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ dc.ads.linkedin.com analytics.twitter.com t.co;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data: 'unsafe-eval';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
document-policy: include-js-call-stacks-in-crash-reports
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
origin-agent-cluster: ?1
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4T2Ss7eeQDuG3q6XVeQg2mbXhkaojO9oI8BAQBffeHa8nDTb/z9fx+WWbVf4a5F01QBZrCwe6K0ricxMcvnDuw==
date: Fri, 25 Jul 2025 01:45:31 GMT
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1380, tbw=3531, tp=-1, tpl=-1, uplat=641, ullat=0
alt-svc: h3=":443"; ma=86400
Pages - Webhooks from Meta - Documentation - Meta for Developers
Setting Up Your Endpoint and Webhook Product
Follow our Getting Started guide to create your endpoint and configure the Webhooks product. During configuration, make sure to choose the Page object and subscribe to one or more of the Pages fields below.
Field Description feed
Notifies you when an Page's feed has changed; posts, reactions, shares, etc.
messages
Notifies you when your page has received a message via Messenger. See the Webhooks for Messenger guide for a list of all available messages webhooks fields
Install Your App
Webhook notifications will only be sent if your Page has installed your Webhooks configured-app, and if the Page has not disabled the App platform in its App Settings . To get your Page to install the app, have your app send a POST
request to the Page's subscribed_apps edge using the Page's acccess token.
Requirements
For the messages related fields only
Sample Request
curl -i -X POST "https://graph.facebook.com/{page-id}/subscribed_apps
?subscribed_fields=feed
&access_token={page-access-token}"
Sample Response
{
"success": "true"
} To see which app's your Page has installed, send a GET
request instead:
Sample Request
curl -i -X GET "https://graph.facebook.com/{page-id}/subscribed_apps
&access_token={page-access-token} Sample Response
{
"data": [
{
"category": "Business",
"link": "https://my-clever-domain-name.com/app",
"name": "My Sample App",
"id": "{page-id}"
}
]
} If your Page has not installed any apps, the API will return an empty data set.
Graph API Explorer
If you don't want to install your app programmatically, you can easily do it with the Graph API Explorer instead:
Select your app in the Application dropdown menu. This will return your app's access token.
Click the Get Token dropdown and select Get User Access Token , then choose the pages_manage_metadata
permission. This will exchange your app token for a User access token with the pages_manage_metadata
permission granted.
Click Get Token again and select your Page. This will exchange your User access token for a Page access token.
Change the operation method by clicking the GET
dropdown menu and selecting POST
.
Replace the default me?fields=id,name
query with the Page's id followed by /subscribed_apps
, then submit the query.
Common Uses
Getting Page Feed Details
Your app can subscribe to a Page's Feed and get notified anytime any Feed-related change occurs. For example, here's a notification sent when a User posted to a Page.
Sample Webhook Response
[
{
"entry": [
{
"changes": [
{
"field": "feed",
"value": {
"from": {
"id": "{user-id}",
"name": "Cinderella Hoover"
},
"item": "post",
"post_id": "{page-post-id}",
"verb": "add",
"created_time": 1520544814,
"is_hidden": false,
"message": "It's Thursday and I want to eat cake."
}
}
],
"id": "{page-id}",
"time": 1520544816
}
],
"object": "page"
}
] Use the post_id
from the notification to comment on that Page post .
Sample API Request
curl -i -X POST "https://graph.facebook.com/{page-post-id}/comments
?message=I%20want%20chocolate%20cake%20!
&access_token=page-access-token" Sample API Response
{
"id": "{comment-id}"
}