| CARVIEW |
Select Language
HTTP/2 200
vary: Accept-Encoding
content-encoding: gzip
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-frame-options: DENY
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-dfuRswHb' blob: 'self' connect.facebook.net 'unsafe-eval' https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://*.google-analytics.com https://translate.google.com *.google.com gw.conversionsapigateway.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://analytics.google.com https://*.analytics.google.com https://*.google-analytics.com https://*.googletagmanager.com https://stats.g.doubleclick.net gw.conversionsapigateway.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://*.google-analytics.com https://*.googletagmanager.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net *.doubleclick.net *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ dc.ads.linkedin.com analytics.twitter.com t.co;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data: 'unsafe-eval';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
document-policy: include-js-call-stacks-in-crash-reports
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
origin-agent-cluster: ?1
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: YTB4yQjFIkEC9+bc7yOrsutdRrQ/EeDNviTMpryd2SFKQSwO2h1PWwBqPA7ubvISDJqpUPRwqDWGMr/vGK1vZQ==
date: Thu, 31 Jul 2025 07:42:59 GMT
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1380, tbw=3535, tp=-1, tpl=-1, uplat=2786, ullat=0
alt-svc: h3=":443"; ma=86400
Graph API Reference v23.0: Canvas Photo - Documentation - Meta for Developers
Graph API Version
Canvas Photo
Reading
A photo inside a canvas
Example
use FacebookAds\Api;
use FacebookAds\Http\RequestInterface;
$params = array(
'fields' => array(
'action',
'id',
'name',
'photo',
),
);
$data = Api::instance()->call(
'/' . <CANVAS_PHOTO_ID>,
RequestInterface::METHOD_GET,
$params)->getContent();curl -G \
--data-urlencode 'fields=[
"action",
"id",
"name",
"photo"
]' \
-d 'access_token=<ACCESS_TOKEN>' \
https://graph.facebook.com/v2.11/<CANVAS_PHOTO_ID>Parameters
This endpoint doesn't have any parameters.Fields
| Field | Description |
|---|---|
idnumeric string | The id of the element |
actionCanvasOpenURLAction | The action associated with the photo |
bottom_paddingnumeric string | The padding below the element |
deep_linkstring | Deep link destination only for mobile apps (used for mobile install or engagement ads, and app link is supported) |
element_group_keystring | The element group key to bundle multiple elements in editing |
element_typeenum | The type of the element |
hide_product_pricesbool | Flag to determine whether or not to hide prices for tagged products |
namestring | The name of the element |
photo | The facebook photo node |
product_tagslist<CanvasProductTag> | The product tags on the photo |
styleenum | The presentation style of the photo node |
top_paddingnumeric string | The padding above the element |
Error Codes
| Error | Description |
|---|---|
| 368 | The action attempted has been deemed abusive or is otherwise disallowed |
Creating
You can't perform this operation on this endpoint.
Updating
You can't perform this operation on this endpoint.
Deleting
You can't perform this operation on this endpoint.
Add Product Tags
Create an ads experience that mimics browsing a printed, lifestyle catalog featuring desired products to promote. You can tag featured products in the image and a tag appears on the image.
This API is available on a limited basis to partners and advertisers that are on the allow list. Contact your Facebook representative if you want to use this API.
When someone taps the tag, a thumbnail for that product appears in a rotating group of thumbnails, including all tagged products. Someone can tap the thumbnail to be taken to the product's product detail page. This uses the photo with product tags element API. For example:
curl
-F 'canvas_photo={
"bottom_padding": 20,
"name": "Instant Experience Photo Name",
"open_url_action": {"url":"URL"},
"photo_id": "PHOTO_ID",
"style": "FIT_TO_WIDTH",
"top_padding": 20,
"product_tags": "[{product_id: PRODUCT_ID, coordinates: [0.65, 0.58]}, {product_id: PRODUCT_ID}]"
}'
}'
-F 'access_token=ACCESS_TOKEN'
https://graph.facebook.com/VERSION/PAGE_ID/canvas_elements
The options available for product tags are:
| Field Name | Description | Type | Required |
|---|---|---|---|
| Provide a list of products for the photo |
| Yes |
| Product id for tapped photo |
| Yes |
| Spot coordinates on the photo. |
| No. If none specified, there is no spot on the photo |