I'm new to integrating facebook into the websites I'm working on and trying to get a long term access token by following the instructions here: https://developers.facebook.com/docs/facebook-login/access-tokens/ Even when using the Graph API Explorer here: https://developers.facebook.com/tools/explorer/ I enter the following and populate it with my AppID and AppSecret and current token I get when I press Get Access Token...
GET /oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}& client_secret={app-secret}& fb_exchange_token={short-lived-token}
I get the return
{ "error": "Invalid response" }
Can someone elaborate on what I might be doing wrong, or the steps in greater detail that works for you in acquiring this long term token.
I've tried to follow what's happening in this thread Facebook Page Access Tokens - Do these expire? with no more success. Any help would be greatly appreciated.
Thanks for your time and help. Cheers,
-Ryan
Using a valid, long-lived access token, your server sends a request to get a code from Facebook. Facebook sends a code back to your server and you securely send this code to the client. The client uses this code to request a long-lived token from Facebook.
When your app uses Facebook Login to authenticate someone, it receives a User access token. If your app uses one of the Facebook SDKs, this token lasts for about 60 days. However, the SDKs automatically refresh the token whenever the person uses your app, so the tokens expire 60 days after last use.
You can't get the long-lived user token
using the Graph API Explorer
. You have to make a GET
request to:
https://graph.facebook.com/oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}& client_secret={app-secret}& fb_exchange_token={short-lived-token}
You can check it in the browser.
If you need the page access token
, you can have a never expiring token. Check out the accepted answer here: What are the Steps to getting a Long Lasting Token For Posting To a Facebook Fan Page from a Server
So I thought I'd revisit this and provide the documentation I wrote that will hopefully help someone else get this happening!
ONE. Create Application
Create an application associated with the user of the page you want to have access to.
TWO. Get Required Pieces of Info
After creating an App we should have two key pieces of info:
App ID: AAAAA (should be about ~15 characters long)
App Secret: BBBBB (should be about ~32 characters long)
With these by going to https://developers.facebook.com/tools/explorer Making sure to select the correct Application from the Dropdown Box at the top.
Click on Get Access Token and get a ‘fresh’ token.
Here you'll need to select appropriate permissions for your specific app's purpose.
CCCCC (should be ~200 characters long)
THREE. Get Long Life Token (2 Month)
You should then have the pieces of info needed to run the query to get a long-term (2 month) token:
https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id={app-id}& client_secret={app-secret}& fb_exchange_token={short-lived-token}
Replace {app-id}, {app-secret} and {short-lived-token} with the three bits of info you’ve taken note of so far.
You should get a request like the following:
https://graph.facebook.com/oauth/access_token?%20grant_type=fb_exchange_token&%20client_id=AAAAA&%20client_secret=BBBBB&%20fb_exchange_token=CCCCC
Place this query into the url bar of an internet browser. You should get a response in the window that looks something like the following:
access_token=DDDDD&expires=5184000
DDDDD (should be ~200 characters long)
FOUR. Test Token (Part 1)
If you enter the highlighted part into the input on the following debug site:
https://developers.facebook.com/tools/debug/
It should give you an expiry of approximately 2 months.
FIVE. Get Non Expiring Page Token
Now taking note of this new long-live-token we’ll use this to get a token that doesn’t expire, unless the associated application is removed from a user’s access or deleted. We use either the page name or preferably page-id when making the request:
You can get your facebook page id using something like http://findmyfacebookid.com/ We'll refer to your page id as EEEEE
https://graph.facebook.com/{page-id}/?fields=access_token&access_token={long-live-token}
You should get a request like the following:
https://graph.facebook.com/EEEEE/?fields=access_token&access_token=DDDDD
This will return something like the following: { "access_token": "FFFFF", "id": "131062838468" }
FFFFF (should be ~200 characters long)
SIX. Test Token (Part 2)
Take the highlighted part and enter it into the debug page and you should get something that shows the token never expires and you’ve been successful in acquiring your never expiring page token.
SEVEN. High Five!
Sorry for the long list of how to achieve this, but I find it better to give the whole process instead of just a small snippet. Let me know if you find this helpful or you have a better way of achieving any of the steps.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With