Guaranteed 100% Facebook, Instagram and WhatsApp Approvals & App Review
Quick Transfer Ready to use app available for Facebook, Instagram and WhatsApp
Guaranteed 100% Facebook, Instagram and WhatsApp Approvals & App Review
Quick Transfer Ready to use app available for Facebook, Instagram and WhatsApp
Facebook Pages API · Meta App Review

Facebook Page API Permissions: Why pages_manage_posts and pages_read_engagement Require App Review (2026)

Social media schedulers, agency dashboards, and page analytics tools all need Facebook Page API permissions. Every one of them hits the same wall: App Review.

If you are building an app that publishes posts, reads engagement data, or moderates comments on Facebook Pages you do not personally own, you need a set of permissions that Meta will not grant by default. The core Page management permissions — pages_manage_posts, pages_read_engagement, pages_show_list, and others in the cluster — all require a full Facebook App Review before your app can use them on real client Pages.

Standard Access works temporarily while you test with Pages your own test users administer. The moment your app needs to access or manage a Page that belongs to a client or subscriber, every permission needs Advanced Access — and Advanced Access means passing App Review.

The Facebook Page API permission cluster

pages_manage_posts

Required to publish, edit, schedule, and delete posts on a Page. The core permission for any social media publishing tool. Without it, your app can only read — it cannot post on behalf of a Page.

pages_read_engagement

Provides access to Page likes, followers, tagged posts, and post-level engagement metrics. Required for analytics dashboards and reporting tools. Often bundled with pages_manage_posts but reviewed separately.

pages_show_list

Returns the list of Pages a user manages. Needed for any app that lets users connect multiple Pages. Without it, the app cannot discover which Pages the authenticated user has admin access to.

pages_manage_engagement

Required to like, comment, reply to, hide, or delete comments and posts on a Page. Essential for community management tools and inbox moderation features. Chatbot and automation tools need messaging permissions approved to run on Messenger, and our Facebook Messenger bot App Review guide explains why bots get rejected or restricted.

pages_read_user_content

Allows reading of visitor-generated content — posts by the public, comments from followers. Needed for sentiment analysis tools, social inbox platforms, and moderation flows.

pages_manage_metadata

Required to subscribe to real-time Page webhook events and read Page metadata. Needed for notification and integration tools that listen for Page activity as it happens.

⚠️ Requesting unneeded permissions is the fastest route to rejection

Meta reviewers test whether your app actually uses every permission it requests. If a permission appears in your submission but serves no visible function in the screencast or use-case explanation, the entire submission is at risk. Apps requesting pages_manage_posts when the screencast only demonstrates read operations get rejected — not approved with fewer permissions, rejected.

Who gets blocked by these permissions

Any app that works with Facebook Pages on behalf of someone else — a client, a subscriber, a business owner — runs into this gate. The most common affected projects include social media scheduling and bulk publishing tools, agency dashboards managing multiple client Pages, Page analytics and performance reporting platforms, community management and inbox moderation tools, and SaaS platforms integrating Facebook Page posting through the API.

The pattern is always the same: the app works in development while the developer's own test Pages are connected. The first real client connects, Standard Access stops working, and the developer discovers that Advanced Access — gated behind App Review — is the only path forward.

What App Review actually involves for Page permissions

  1. Select the use case and request only what you need

    In Meta's App Dashboard under App Review, select the use case that matches your product. Each use case bundles a set of permissions. Only request permissions your app genuinely uses — Meta's reviewers will check each one against your screencast. Unverifiable permissions trigger rejection for the full submission.

  2. Write a specific use case justification per permission

    For each permission, Meta requires a written explanation of exactly how your app uses it, what user benefit it enables, and how the data is handled. Generic answers like “we post content to Pages” fail. Reviewers need to understand the specific user flow, what action the permission enables, and what happens to the data after it is accessed.

  3. Record a screencast for every permission requested

    A video demonstration is required for every permission. The recording must show a complete, working user flow: a test user with actual Page admin role, granting the permission, navigating to the specific feature, and the permission performing the exact function stated in the justification. A single missing step — an unshown permission grant, an incomplete flow — means rejection for that permission.

  4. Complete Meta Business Verification first

    Advanced Access for all Page management permissions requires a verified business in Meta Business Manager. Meta Business Verification is a separate, multi-step process that must be completed before App Review can grant Advanced Access. An unverified business cannot receive Advanced Access regardless of how strong the App Review submission is.

  5. Make the app fully accessible to reviewers

    Meta will attempt to access and test the app directly during review. If the app is behind a login wall they cannot pass, a staging environment that is offline, or a URL that returns an error, the entire submission is rejected. The app must be live and publicly testable at the time of submission.

  6. Submit, monitor, and handle rejections per permission

    After submission, Meta reviews the use case, justification, and screencast for each permission individually. Typical review times run 2–7 business days. A rejection on any single permission requires a corrected resubmission and resets the review clock for that permission. Complex submissions covering five or six Page permissions regularly take longer than first-time developers expect.

Each rejected permission is a 2–7 day resubmission cycle. A tool requesting five Page permissions that gets one rejection per permission can spend six to eight weeks in review before the app is fully cleared for real client use. The preparation quality before the first submission determines how many of those cycles you face.

The outcome

All requested Page API permissions approved at Advanced Access — pages_manage_posts, pages_read_engagement, pages_show_list, and others — so your app can publish, read, and manage Facebook Pages for real client accounts without Standard Access restrictions blocking production use.

Common reasons Facebook Page API submissions get rejected

  • Requesting pages_manage_posts or pages_manage_engagement when only read operations are shown in the screencast — submission and video must match exactly.
  • Screencast uses a personal profile or Business Manager preview rather than a test user with actual Page admin role — Meta cannot verify the permission grant flow.
  • Use case justification is too generic without describing the specific user workflow, data handling, and end-user benefit per permission.
  • App is behind a login screen, staging password, or non-public URL — Meta cannot test it and rejects the whole submission.
  • Business Verification not completed before submitting for Advanced Access.
  • Requesting pages_show_list without showing a feature that actually uses the returned Page list in the screencast.
  • Privacy policy does not reference the specific data types collected via Page engagement and user-generated content permissions.
  • Requesting the full use-case permission bundle including pages_manage_engagement when the app only needs to publish — unused permissions in the bundle are tested individually.

Note: Meta makes all App Review and permission approval decisions independently. Review timelines and outcomes depend entirely on Meta’s process and cannot be guaranteed by any third party. This post describes the App Review preparation and submission process based on publicly available Meta developer documentation — it is not an official Meta service or partnership, and no approval outcome can be guaranteed.

Related: What is Meta Advanced Access — explaining the difference between Standard and Advanced Access and why it gates Page API permissions; the Meta App Review rejection fix service for apps already in a rejection cycle; and the full Facebook App Review service for done-for-you submission support across all Page permissions.