问题
I need to get FaceBook access token using appid and app secret in C# windows application. Actually i did below coding, but getting app token only not getting the access token.
how to achieve to retrieve access token.?
FacebookClient client = new FacebookClient();
dynamic result = client.Get("oauth/access_token", new
{
client_id = "1498796747020950",
client_secret = "c50341f5b4e42a595f0791467f439e38",
grant_type = "client_credentials"
});
var accessToken = result.access_token;
回答1:
The token that you are requesting is an app access token which can not be used with every API call (instead its usage is very limited).
Let me try to elaborate the access tokens and OAuth 2.0 to make the concepts clear.
OAuth 2.0
With the standard OAuth 2.0 implementation, the first step is to invoke the OAuth Dialog of the service provider (facebook)-
\GET http://www.facebook.com/dialog/oauthParameters-
client_id(APP ID)redirect_uri(App's Redirect Url)scope(permissions - optional)
Returns-
code(appended with the redirect url)
After the user successfully authenticated the app, a
codeis returned by the service provider(facebook) appended with theredirect_urlpassed. So you'll be redirected to-{redirect-url}?code=XXXXXXXXXXXXXXXXXWe use this
codethen and request for theaccess_token-\GET https://graph.facebook.com/oauth/access_tokenParameters-
client_id(APP ID)client_secret(APP Secret)coderedirect_uri
If you dont want to build this manual flow, you can use the SDKs that take care of this flow. It will just invoke the outh dialog and if success will give you the access token in response. Facebook provides official SDKs for iOS, Android, Javascript and PHP; also there are other third-party SDKs. Now this will give us an access token, to be more precise- a user access token. This is only process required to obtain a user access token (i.e. user engagement is required). What you were requesting was an app access token, I'll now elaborate facebook access tokens-
Access Tokens
There are 3 types of access tokens to support different use cases:
User Access Token - The user token is the most commonly used type of token. This kind of access token is needed any time the app calls an API to read, modify or write a specific person's Facebook data on their behalf. I've explained the detailed process of obtaining this token.
App Access Token - App access tokens are used to make requests to Facebook APIs on behalf of an app rather than a user. This can be used to modify the parameters of your app, create and manage test users, or read your application's insights. App access tokens can also be used to publish content to Facebook on behalf of a person who has granted an open graph publishing permission to your application.
Except these there's nothing an app access token can do. And its like a password of your app so it is important that your app secret is never shared with anyone. This can be obtained by the API call that you have mentioned in the question-
GET /oauth/access_token? client_id={app-id} &client_secret={app-secret} &grant_type=client_credentialsor directly from here, or simply use
{app-id}|{app-secret}Page Access Token- Page access tokens are used in Graph API calls to manage Facebook Pages. To generate a page access token, an admin of the page must grant an extended permission called
manage_pages. Once this permission has been granted, you can retrieve the page access token using the following Graph API request:/GET /{page-id}?fields=access_token
Reference
I'm not really sure if this all was significant to you but I hope it helps you clearing some doubts regarding the same.
If the app access token is significant to you, you can use it by any of three methods I've mentioned. If not, user access token is what required to you which cannot be obtained without user interaction.
来源:https://stackoverflow.com/questions/24401241/how-to-get-a-facebook-access-token-using-appid-and-app-secret-without-any-login