I'm building an app that requires a Facebook Authentication Token.
Google'ing it I end up on https://developers.facebook.com/docs/facebook-login/access-tokens
This names the following tokens:
User Access Token
App Access Token
Page Access Token
Client Token
Are any of these a Facebook Authentication Token?
If not, how do you get one?
I ended up using this tool here:
https://smashballoon.com/custom-facebook-feed/access-token/
Related
I created docusign jwt access token for my application manually/php sdk with consent and used that access token in the code for restapi. Expiry of access token is 1 hr. How to renew the DocuSign jwt access token without asking consent again and again? Or how to prolong the expiry of access token?
You call request_jwt_user_token again and get the token from the response. You dont need to request consent again. Have a look at the recommended best practices here
I have generated a permanent Facebook page access token through developer.facebook.com for Messenger API.
Although it is theorectically permanent, it can be invalidated if Facebook think there is security problem.
Is there anyway to renew the access token automatically?
If the Page Token is invalid, the User Token used for the Page token is invalid too. And there is no way to get or renew a User Token without user interaction. So the answer is no.
The Facebook OAuth Access Tokens Expire after a specified period, but what about Facebook OAuth authorization code? does it expire? (it does not say?)
Reference:
https://developers.facebook.com/docs/reference/dialogs/oauth/
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-31#page-8
The authorization code has an expiration.
From the docs : Now that your app has authorization from the user and the code parameter stored as a variable, it should immediately exchange it for a User access token that can then be used to make API requests
The following post also mentions a facebook update informing about authorization code expiration :
OAuthException: This authorization code has been used - Facebook
I have a Facebook app and I can retrieve the App Token by calling
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET
&grant_type=client_credentials
as specified on the Authenticating as an App page. I see this app token is also available in the Access Token Tool page along with a User Token for the app. I need the User Token in order to do a /USER_ID/accounts on users that have already approved my app with the manage_pages permissions.
Basically I wish to post to a users Facebook page when they submit an article to my app. Some users are in locations where Facebook is blocked, thus I can't use the regular Javascript SDK.
Edit 1: I understand the concept of user access tokens and retrieving them via the SDK with the OAuth redirect. My question is in regards to the User Token for an app as seen in the Access Token Tool page, not a user access token (which requires client access to Facebook)
In order to get a user token without using the javascript SDK, you need to authenticate the user using the OAuth dialog redirect. Essentially, you prompt the user to fetch a code from Facebook that you can exchange for an access token. At this point you should store the access token and re-use it for all requests that require authentication. Keep in mind though that you will need to detect when the token is expired or invalidated, and if so you will need to re-issue the authentication redirect & token exchange process.
I want to create an application that will login me with facebook eachtime with out asking username and password. How I can store the facebook password or access token to login
Read: https://developers.facebook.com/docs/authentication/ to discover how to authenticate, get a token then you can use it in your app to access the Graph API.
Note that tokens can only last up to 60 days.