I've read that the search endpoint needs a user access token. However it expires quickly, and I'm just doing .ajax() get requests like
https://graph.facebook.com/search?q=new+york&type=event&access_token=USER_ACCESS_TOKEN
without using any SDK, just retrieving JSON data.
I'm hardcoding a new access token every hour, is it another way to do it?
One way of doing it is by using the long-lived User Access Tokens instead of the short-lived ones. You can generate a long-lived User Access Token by using your short-lived user token, your app ID and app secret by making the following call from your server to Facebook's servers:
https://graph.facebook.com/oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
You can find more info about it in the link attached and here.
Related
I am trying to make a simple Instagram post bot where I can provide a url of an image and a caption and it will post. I currently have a working python script that, will generate long life token from a fixed exchange token (generated manually at the graph api tool webpage) and will will post an image given a url.
The problem is after a while (Less than a day) the token expires and I have to manually generate another.
I can successfully generate an app access token but I don't believe you can use an app access token for posting content. Is there a way to automatically generate a user token? pref without using something like chromedriver to mimic a browser for the token generation
Any help is appreciated.
First of all, I strongly recommend you to spend a few minutes reading the References on Access Tokens.
From there you can better understand the different types of Access Tokens.
Moving on.. Make sure you are using the correct endpoint to get that Long Lived Access Token (If your token is taking only a day to expire, means you aren't).
Use the Long Lived Access Token path with the token you generated via Graph API Explorer:
curl -i -X GET "https://graph.facebook.com/{graph-api-version}/oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={your-access-token}"
App's Access Token does not give you access to Content Publishing.
For that you need to use your User Token generated on the previous step.
Make sure the User have all the Permissions needed:
ads_management, business_management, instagram_basic, instagram_content_publish, pages_read_engagement.
https://developers.facebook.com/docs/facebook-login/access-tokens/expiration-and-extension#extendingpagetokens
After reading through this documentation I was under the impression that I could get a token that never expired if I requested a short lived access token with the scope manage_pages however when I follow the documentation and use the following to get an extended token:
GET /oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
Then I place the token inside of the debugger: https://developers.facebook.com/tools/debug/accesstoken/
I get the following response:
The closest I've found to what I'm doing is this: How do you get long-lived access tokens from the Facebook Graph API (server-side auth)?
Perhapse is it another scope they requested that I didn't?
Also another thing I noticed is that due to not being a live app these are the "permissions" I have, of which manage_pages isn't one. However how could any new product work if the app needs to exist before it can function????
any and all help appreciated
Go to Facebook Graph API Explorer get your short-lived access token.
Go to Access Token Debugger, debug your short-lived access token from Step1, click the extend button at the bottom, you will get a long-lived token
Go to Facebook Graph API Explorer again, now use your long-lived token from Step2, request path /me/accounts, find the corresponding token for your target page in response data
to make sure it is the never expire token you need, debug it by Access Token Debugger
Ref: https://sujipthapa.co/blog/generating-never-expiring-facebook-page-access-token
I want to pull my most recent images from facebook's api for my personal website. I cannot seem to find a way to only authenticate my user without the login dialog. Does anyone know if this is possible? I can generate my user access token inside the graph API Explorer, but it expires in 1 hour.
How to get my own Facebook user access token indefinitely
You cannot!
But you can extend this token that will be valid for 60 days - called the long-lived token. So, if a user visits your application at least once in 60 days you can have the access to user's data indefinitely.
Simple call to get the long-lived user access token-
GET /oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
Refreshing this token- The user have to go through the login process again (calling login API) to get the short-lived token and then perform the same exchange for a fresh long lived token with 60 days expiry.
You can also debug your token anytime with-
GET /debug_token?
input_token={input-token}&
access_token={access-token} // a valid user access token or app access token
I am having problems generating long lived Access Token to update Facebook page from my desktop application.
I created a Facebook App associated with my Facebook user and stored it's app id and secret.
I created a facebook page associated with my Facebook user account.
I can create a short lived (60 minutes) access token for my app.
My desktop application is able to post to my Facebook page using the short lived access token. However, this only lasts 60 seconds and is therefore impractical.
I have been trying to generate a long lived access token using the guidance here:
Request a Page Access Token in C# SDK
However I receive an error:
"The access token does not belong to application XXXXXXXXXXXXXXX"
When I try enter my short lived access token in the debug tool the box, it confirms that the access token is mine BUT it shows a different app id.
Where does this different app id come from? I only have one Facebook app defined.
I think I might be missing a fundamental point here.
Many thanks for any help you can give.
Go back to the Graph API Explorer where you generated the token.
Make sure that you selected your app from the drop-down at the top where it says "Application[?]"
If you don't it defaults to 'Graph API Explorer' and that will be of no use to you. Once you get the token made for the correct app, try again using this URL:
(replace NNNN with the correct data)
https://graph.facebook.com/oauth/access_token?client_id=NNNN&client_secret=NNNN&grant_type=fb_exchange_token&fb_exchange_token=NNNN
Steps are:
Generate app token with the following Graph API call:
GET /oauth/access_token?
client_id={app-id}
&client_secret={app-secret}
&grant_type=client_credentials
Exchange received token for a long-lived token (60 days) with the following Graph API call:
GET /oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
that will give you long-lived token associated with your app. If you want to post on the page AS THE PAGE, then you need to get Page access token - see here for more details: https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens
Authenticate the user and request the manage_pages permission
Get the list of pages the user manages from (1): https://graph.facebook.com/me/accounts?access_token=USER_ACCESS_TOKEN
Parse the list and get the token - and use it to post to the feed.
you will do (1) in graph API explorer - and you will get user token. Then insert that token into URL in (2) - and you will see all your pages and corresponding token. Take the one you need and use it in your C# code to upload images.
Facebook changed their Graph API recently to require an access token. Therefore I quickly made a Facebook application to be able to retrieve an access token, use a URL similar to the one below, generated my access token and implemented the token in my iPhone application. Lately I have been thinking about if I have done something wrong. Should I request the access token everytime a user of my application retrieves data from the Graph API? I am starting to doubt whether or not the access token is unique to each user or just to the Facebook application.
Can I hardcode an access token into my application or should I make a request on the URL below every time I need to retrieve data through the Graph API?
I am generating my access token with the following URL:
https://graph.facebook.com/oauth/access_token?client_id=MYID&client_secret=*MY_SECRET*&grant_type=client_credentials
Access token granted by user have expiration time. If token expired then you need to request it again. But if you ask user to grant you "offline_access" permissions then you'll have almost not limited access token. You can store it in database or file and use next time.
Here FB documentation about permissions:
http://developers.facebook.com/docs/authentication/permissions/
Enables your app to perform authorized
requests on behalf of the user at any
time. By default, most access tokens
expire after a short time period to
ensure applications only make requests
on behalf of the user when the are
actively using the application. This
permission makes the access token
returned by our OAuth endpoint
long-lived.