Why platform API reviews take weeks (not days)

Why reviews exist

After years of high-profile scandals — Cambridge Analytica being the most visible — social platforms tightened control over what third-party apps can do with their APIs. The platform review process is the mechanism for that control.

Before your app can request certain sensitive permissions in production — posting on behalf of users, reading their followers, accessing direct messages — a human (and sometimes automated system) at the platform reviews your use case, your privacy policy, and a demonstration of how you use the data.

The intent is reasonable. The execution varies enormously by platform.

Meta's review process

Meta runs the most thorough review process of any major social platform, and it is the one that causes the most delays.

To request production access for permissions like pages_manage_posts (posting to Facebook Pages) or instagram_content_publish (posting to Instagram), you need to submit an App Review request that includes:

• A video screencast (not a static screenshot) demonstrating each permission in your actual app UI
• A written explanation of exactly how and why your app uses each permission
• Your app's privacy policy URL
• In some cases, a test account Meta can use to verify functionality

Once submitted, initial review typically takes one to two weeks. If they have questions or require changes, you fix and resubmit — and the clock resets. It is not uncommon for the full process to take four to eight weeks when iterations are needed.

What slows reviews down most: vague use case descriptions, screencasts that do not demonstrate the permission being exercised, or privacy policies that do not clearly address the data collected through that specific permission.

Meta's review is non-negotiable for production access. Development mode limits you to users who are explicitly added as test accounts — which means you cannot ship to real users without approval.

LinkedIn's partner program

LinkedIn's approach is different from Meta's but no faster. Their Community Management API — the one you need to post content on behalf of users or company pages — requires applying to their partner program.

The partner program application asks for your company name, website, product description, and a detailed explanation of how you plan to use the API. LinkedIn then evaluates whether your use case aligns with their partner program terms and whether you are an established company rather than an individual developer.

Timeline: typically two to six weeks for initial response, with follow-up questions extending that. LinkedIn is less transparent than Meta about their criteria, which makes it harder to predict whether your application will be approved on the first submission.

One specific gotcha: LinkedIn distinguishes between member posting (posting as an individual user) and organization posting (posting as a company page). These can require separate approvals.

TikTok's approval flow

TikTok's developer platform went through a major overhaul in 2023 when they deprecated the old TikTok for Developers APIs and launched the new TikTok API v2. The migration changed approval requirements significantly.

For the Content Posting API — which allows posting videos on behalf of users — TikTok requires you to apply for the Content Posting API scope separately from standard OAuth registration. This involves submitting a use case description and agreeing to additional terms around content policies.

TikTok's review timeline is the least predictable of the major platforms. Reviews can take anywhere from one week to several months depending on the volume of applications they are processing. There is limited feedback when things are delayed.

An additional complication: TikTok's API access has historically been subject to geopolitical considerations. EU developers should be aware that access policies can change with limited notice.

What makes reviews fail

Having been through these processes, here are the most common reasons reviews come back with rejections or requests for changes:

• Privacy policy gaps. Your privacy policy must explicitly mention the platform, the specific data you collect through it, and how you use it. Generic privacy policies that do not name specific platforms will fail.
• Incomplete screencasts. For Meta specifically, every permission you are requesting must be demonstrated in the video. If you are requesting five permissions and your video only shows three, they will ask you to resubmit.
• Overreaching scope. Requesting permissions you do not need raises flags. Only request what your app actually uses, and be specific about why each one is necessary.
• Missing error handling. Meta in particular wants to see that your app gracefully handles permission denial — not just the happy path.
• No clear user benefit. Reviewers need to understand what value this provides to the end user. "We store their data for analytics" is not a compelling answer.

The timeline reality

Here is the honest picture for a product that wants to post to Facebook, Instagram, LinkedIn, and TikTok:

• Meta: 2–8 weeks
• LinkedIn: 2–6 weeks
• TikTok: 1–12 weeks

These run in parallel if you submit simultaneously, but they rarely come back at the same time. Plan for the longest one to be your blocker. If your product launch depends on all platforms being live, add a multi-week buffer — and accept that you may not control whether that buffer is enough.

This is a real constraint that cannot be engineered around. The review process is controlled entirely by the platforms.

How SocialRouter handles this

SocialRouter has already been through the review process for every platform we support. Our apps hold production access to their APIs. When you connect SocialRouter to your product via our API, you are posting through our approved applications — not starting a new review cycle.

That means the 2–8 weeks of waiting is not your problem. You get API key, make a call, and post. The review queue we sat in is already behind us.

When platforms launch new APIs or require re-review for new functionality, we handle that too. Your integration does not break when Meta's App Review team changes their requirements.

Interested in how it works end-to-end? Read the API documentation or reach out directly — I am happy to walk through it.