Menu
I'm getting the following error from Facebook when trying to post to a users stream.
Error validating access token: The session has been invalidated because the user has changed the password or because auth.expireSession was called.
The workflow is as follows:
Authorize with Facebook requesting scope=offline_access,publish_stream permissions (if the current user has not already authorized)
Do some work on the server (takes 5-10 minutes)
Attempt to publish to the user's Facebook stream
This code works for many users, but for some users, I get the Error validating access token error. It started frequently happening a few weeks ago, then seemed to stop, and now happen a lot again. I'm certainly not calling auth.expireSession on my end, and it seems unlikely that multiple users would be changing their password in the 5-10 minute window from authorizing to publishing. Does anyone know what might be causing this?
228
Message: Error validating access token: The user is enrolled in a blocking, logged-in checkpoint. This error message means that your Facebook user account has failed a security checkpoint and needs to log in at Facebook or the Facebook Business Manager to correct the issue.
You can simply request https://graph.facebook.com/me?access_token=xxxxxxxxxxxxxxxxx if you get an error, the token is invalid. If you get a JSON object with an id property then it is valid. Unfortunately this will only tell you if your token is valid, not if it came from your app.
The checkpoint, which takes people to the Facebook Security site, provides links to McAfee's Scan and Repair and Microsoft's Security Essentials at no charge. This latest security layer is an expansion of Facebook's own monitoring of the site for suspicious content.
If you're trying to reset your password and you receive an error citing an “invalid token” or asking you for your token, it's likely that the link you clicked on to reset your password has expired. For security reasons, passwords are never sent out across the Internet.
The message “Error Validating Access Token” occurs while using Facebook/Messenger primarily by two groups of users; one are regular users accessing messenger and other are developers who are enabling Facebook login using the API. The error message is mostly related to the security process which Facebook implements when you access its platform.
Error validating access token: The session has been invalidated because the user has changed the password or because auth.expireSession was called. The workflow is as follows: Authorize with Facebook requesting scope=offline_access,publish_stream permissions (if the current user has not already authorized)
The session in Messenger against your account is somehow invalid or has expired. The access token of Facebook which you are using with the API is expired. This happens in a lot of cases in an application’s development environment because the access token is only valid for a limited time before it has to be obtained again (for developers).
If you are using the Facebook API and access tokens for the simplest of reasons (for example using Facebook for validating the signup process in your application), make sure that it is not expired. Usually, Facebook tokens expire within 2 hours after they are requested from the Facebook server.
Anytime you get this error, you should run the user back through the auth flow. There are many reasons that either the user or we will invalidate a session. We have a how-to on this at https://developers.facebook.com/blog/post/500
78
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
