Facebook access token invalid with message "session does not match current stored session"?

Question

I have recently started getting this error while posting to facebook newsfeed stream of an app user, I do have an offline access permission for the access tokens, and they worked fine previously. This error is coming for 30-40% of the users.

"Error validating access token: Session does not match current stored session. This may be because the user changed the password since the time the session was created or may be due to a system error." 

Answer 1

It's possible for your access token to become invalid for a variety of reasons (expiry time passed, user changed password, user deauthorized your app, user logged out of Facebook, etc.). You should always design to account for this scenario.

If your users are active, it's easy to get a new access token from the OAuth endpoint without them having to do/see anything. If not, you should make a plan (such as emailing them) for how you will get them to return so you can get a new access token. The scenario you're describing is not necessarily unusual. You can find some code samples here for help on how to handle expired access tokens.

Answer 2

This is undocumented but I just tested it and it works with expired access tokens. Should work on access tokens that have been invalided if you know their user id, and they haven't revoked privileges to your app. First, you can verify that you still have have the permissions you need by calling using this url:

https://graph.facebook.com/userID/permissions?access_token=appID|appSecret

If you still have publish_stream permissions, you can issue a HTTP POST to this url:

https://graph.facebook.com/userID/feed with post parameters of access_token=appID|appSecret&message=test message