facebook-access-token

I'm using chrome.identity in a packaged app to get a user token using Facebook. I call chrome.identity.launchWebAuthFlow, and I need to take the access token, send it to the server, and then access token is used to verify the user. Works great with Google+. But for some reason, it doesn't work for Facebook. For some reason, Facebook's OAuth appears to be special. I've added the extensionid.chromiumapp.org to the list of redirect URLs in the API. Added "https://extensionid.chromiumapp.org/*", "https://facebook.com/*", "https://www.facebook.com/dialog/", "https://graph.facebook.com/*" to

I am working on facebook page wallpost automation using python I have automated posting on a fb page that i own by using facebook graph api post So i do this by sending a HTTP POST request to https://graph.facebook.com/mypagename/feed with access_token and message as POST paramaters I generate the access token by using graph api explorer by selecting my app that i am using and giving it permission to manage my pages Intitially the access_token use to expire in 2 hours To extend the expiry date to 2 months i send HTTP GET request to this url https://graph.facebook.com/oauth/access_token?client

I would like to know if it is possible to have an access token that never expires for post to my page Now I get the access token with: https://graph.facebook.com/me/accounts I have publish_stream and manage_pages permission, but using the Access Token Debugger I see that the token expires in about 1 hour. Is there a way to never expires? See facebook developers : By using a long-lived user access token, querying the [User ID]/accounts endpoint will now provide page access tokens that do not expire for pages that a user manages. So, you have to exchange your initial shortlived token for a

I think this might effect a lot of Facebook/Android developers and yet there does not seem to be that much discussion on the topic... My question Has anyone successfully refreshed a token using the extendAccessTokenIfNeeded function? If you did have success, what version was the device (or emulator) running? Background I received an email from Facebook saying the offline_access permission will be deprecated from May 1st 2012 and Facebook recommended upgrading to their latest SDK. Fine. I upgraded to the latest SDK, the official Facebook app is installed on my device and (eventually!) Single

I did a very simple PHP script, just to try to login via Facebook and get an accessToken. But when I try the following code, I get an Exception from the SDK : « Cross-site request forgery validation failed. Required param "state" missing. ». Here is my code : require_once __DIR__ . '/facebook-sdk-v5/autoload.php'; session_start(); $fb = new Facebook\Facebook([ 'app_id' => '{my-own-app-id}', 'app_secret' => '{my-own-app-secret}' ]); // Check to see if we already have an accessToken ? if (isset($_SESSION['facebook_access_token'] )) { $accessToken = $_SESSION['facebook_access_token']; echo

I'm trying to access scores through the Facebook API to get a list of scores of my friends. When I try to access /[facebook id]/scores , I get the following error even with my app access token: FacebookApiException [ 0 ]: A user access token is required to request this resource. ~ APPPATH/classes/basefacebook.php [ 1039 ] How do I get a user access token? Updated: After reading http://developers.facebook.com/docs/reference/api/permissions/ , I've confirmed that the app access token and user access token are two different access tokens. The question still remains, how do I get a user access

On every call to my REST API, I require clients to pass user's facebook access token, which authenticates the user. What's best practice for passing this token? maybe as a parameter behind the HTTP question mark GET /api/users/123/profile?access_token=pq8pgHWX95bLZCML or somehow in the header of the request, similarly to HTTP basic authentication maybe a third option? (I've excluded passing it in a JSON because I want the token get passed in GET calls as well, so JSON wouldn't fit there I think) If you look at the API endpoints provided by all popular OAuth providers (Google, Facebook, Pocket,