I’m building a content management system and need to grab profile photos from Facebook using just the person’s Facebook username or profile URL. Is there a way to do this through Facebook’s API without making users approve my app first?
Basically I want to take something like Redirecting... and get their profile picture URL. I’ve been looking through the Facebook Graph API docs but most methods seem to require authentication tokens.
Does anyone know if there’s a public endpoint or workaround for this? I just need the profile image, nothing else from their account. Any suggestions would be helpful.
Unfortunately, this isn’t possible anymore with current Facebook API restrictions. I ran into the same issue about two years ago when working on a similar project. Facebook removed the ability to fetch profile pictures without proper authentication around 2018 due to privacy concerns. The old method using graph.facebook.com/username/picture stopped working for public profiles. Even if you find some unofficial methods or scraping techniques, they violate Facebook’s terms of service and will likely break when they update their systems. Your best option is implementing a proper OAuth flow where users authenticate your app. It’s more work upfront but ensures compliance and reliability. An alternative would be asking users to upload their own profile images directly to your CMS instead of pulling from Facebook.
I’ve dealt with this exact scenario before and can confirm what others have mentioned about the API limitations. However, there’s one technical detail worth noting - if you have a Facebook user ID (not username), you can still access profile pictures through graph.facebook.com/{user-id}/picture but this requires knowing the numeric ID beforehand, which creates a chicken-and-egg problem. The username-to-ID conversion endpoints also require authentication now. I ended up pivoting my approach entirely by integrating with other social platforms that have more permissive APIs for public profile data, like Twitter or LinkedIn, though even those have become more restrictive recently. Another route I explored was using third-party services that aggregate public social media data, but the reliability and legal implications made it unsuitable for production use. The OAuth route really is the most sustainable solution despite the additional complexity.
yeah this is a no-go unfortunately. facebook locked down pretty much everything after the privacy scandals. even if you find some way to scrape the images, they’ll just change their structure and break your code. trust me, i’ve been down this road and it’s not worth the headache. just go with oauth or ask users to upload their own pics instead.
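The OAuth route the answers recommend, as an added example that is not part of any post in this thread: the login URL, the `state` check on the callback, and the requests for the token and the user's own picture. The Graph API version, app ID, redirect URI and function names are assumptions; the functions build and validate requests without sending them.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumptions: API version, app ID and redirect URI are placeholders.
GRAPH = "https://graph.facebook.com/v19.0"
DIALOG = "https://www.facebook.com/v19.0/dialog/oauth"
APP_ID = "YOUR_APP_ID"
REDIRECT_URI = "https://cms.example/auth/facebook/callback"


def start_login():
    """Return (state, url); keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)
    query = urlencode({"client_id": APP_ID, "redirect_uri": REDIRECT_URI,
                       "state": state, "scope": "public_profile",
                       "response_type": "code"})
    return state, f"{DIALOG}?{query}"


def code_from_callback(callback_url, session_state):
    """Validate the redirect back from Facebook and return the auth code."""
    got, want = urlparse(callback_url), urlparse(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback arrived on an unexpected URL")
    params = parse_qs(got.query)
    if "error" in params:  # for example, the user declined the dialog
        raise ValueError("login not completed: " + params["error"][0])
    returned = params.get("state", [""])[0]
    # Constant-time compare; a mismatch means this session did not start the login.
    if not session_state or not hmac.compare_digest(
            returned.encode(), session_state.encode()):
        raise ValueError("state mismatch")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]


def token_request(code, app_secret):
    """Server-side request that exchanges the code for an access token."""
    return f"{GRAPH}/oauth/access_token", {
        "client_id": APP_ID, "redirect_uri": REDIRECT_URI,
        "client_secret": app_secret, "code": code}


def picture_request(access_token):
    """Request for the consenting user's own picture; redirect=false returns JSON."""
    return f"{GRAPH}/me/picture", {
        "redirect": "false", "type": "large", "access_token": access_token}
```

The app secret and the token exchange stay on the server; only the login URL goes to the browser.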