I am using Facebook long time tokens(2 months), but FB starts to be nondeterminic and gives me sometimes this return
{
"error": {
"message": "Cannot access application using the specified access_token",
"type": "OAuthException",
"code": 1
}
}
I am using PHP SDK.
I am using this link to get 2 months token
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRETgrant_type=fb_exchange_token&fb_exchange_token=SHORT_TIME_TOKEN
Any ideas?
I was experiencing this issue, and got some support direct from FB staff. The most likely cause of this error is "demographic checks" for the user.
Our app had an age-gate as it was alcohol related. Certain users' profiles did not contain enough information for FB to ensure they were above the drinking age for their location, so the session creation failed. Why this only happened on this call and not on earlier ones, I don't know.
Does your app have an age-gate, or anything similar?
You have the missing & between APP_SECRET and grant_type.
Also, there seem to be a Fb bug on this issue - http://developers.facebook.com/bugs/536272816386515?browse=search_50a37bb1c333b4253892226
Be sure that you extend the tokens immediately after you get the "SHORT_TIME_TOKEN". You can extend user tokens only ( not page tokens ). Be sure that you get a correct "Short time token" before you extend it.
Also, check for "sandbox mode " in your app. It may cause problems when extending tokens. Try switching it to "false".
Hope that helps.
Your query is missing an & after APP_SECRET, before grant_type. It should read:
https://graph.facebook.com/oauth/access_token?
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=SHORT_LIVED_ACCESS_TOKEN
Source: Extending Access Tokens on Facebook Developers.
Edit: If the OP means that out of the current app user base, some users experienced expired sessions and reported the issue, the wrong query string is a possible explanation.
The error would result in the access_token not being extended, but log-in will be still be granted with the shorter-lived access token. In this case the faulty query string was in the code base all along, but was only discovered when live users' access_tokens expired earlier than expected, coinciding with "the app [..] used by many people".
If the OP means that using the correct query (and not the one stated in the question) out of many calls from the same client a subset returns with error, then my explanation isn't valid.
It sounds as if some of your users are erroneously being issued tokens that have a short lifespan instead of the extended ones you ask for.
It is possible you have stumbled upon a known bug with the extended access tokens. Check this bug report on facebook for more information about it as well as this question, although to my knowledge there's no real workaround.
Related
So, I've read conflicting information about this bit. But we've received complaints that users are unable to import their events in our application, although we have an approved App that has the "user_events" permission.
In short, the response when querying me/events using a user access token of the mentioned app is empty:
Edge: me/events
{
"data": []
}
Now, the funny part is, if you are a developer of the application in question, the endpoint will happily send you your own events over the API.
Is this intended behavior according to https://developers.facebook.com/docs/graph-api/reference/user/events/?
This edge is only available to a limited number of approved apps. Unapproved apps querying this edge will receive an empty data set in response. You cannot request access to this edge at this time.
Was there any communication about this? We have updated our application after they restricted the public access in May to use the user_events permission, but it looks like this access is now disabled as well, and even in a very sneaky way that makes it very hard to detect? Also, I did not read anything about this in any breaking change logs?
I'm just searching for clarification, because there is no way to properly contact Facebook regarding this issue.
I'm going step-by-step Nest REST Quick Guide and now blocked with error response during attempts to obtain an access token.
Response is:
{"error":"client_not_active","error_description":"client is not active","instance_id":"here_is_something_looks_like_guid"}
I've checked Error Messages Guide, and it helps me a lot to understand that "Client not active". Useful, huh?
So which client and how to activate it?
I have a home simulator working, also I've registered a so-called 'product', which I want to develop (so I have Product ID, Product Secret, Authorization URL and Access Token URL).
[Upd]
For all operations I've used curl.
However with Firefox addon which sends POST data I'm able to obtain the access_token. So I keep the question, but so far will stick to browser.
This means the your product/client has been deactivated, most likely due to a violation of the Terms of Service. Is the problem consistently occurring?
Post LinkedIn changes (around May 2015) have disabled our use of the share feature, via API call using the URL http://api.linkedin.com/v1/people/~/shares?format=json. We are now receiving a "403 authorization failed".
Steps taken to rehabilitate our share function:
Confirmed that ClientId & Client Secret keys are still the same as being used in our app
The Default Application Permissions have been confirmed, w_share is selected...which used to be rw_share (no longer available). Other selections made are r_basicprofile, r_emailaddress, & rw_company_admin...which are seemingly not related.
Authorized Redirect URLs are still applied for the domain we are using our application under.
Content type has been set to "application/xml", as suggested by other postings.
We have tried for months...hoping that any post changes to LinkedIn would have resolved our problem, yet nothing we have researched has helped. We figure that this might be a glitch from the permission modification update done by LinkedIn...since our code has never change, yet has worked for 2+ years prior to the May 2015 changes.
We would appreciate any insight as to what is going on here....as we are continuing to have this problem.
I found the problem, it was because the security of Linkedin changed. We had to had to alter the statement:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Ssl3;
to this:
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls;
If you are relying on the "default application permissions", you may also want to double check that your OAuth code is not still requesting the old (no longer available) member permissions (e.g. rw_nus) via the ?scope= URL parameter, which will trump the "default application permissions" settings you've defined in your LinkedIn app's config.
Otherwise, the w_share permission should still be providing you the ability to post a share to LinkedIn.
Really odd situation that just started to occur. I have an App Token that's valid and can receive data on certain accounts. The problem is that it's not always consistent, some account work perfectly, but some are returning blank responses. I've never seen anything like it.
Does anyone have any ideas? If I fudge my access token a bit, it'll respond with the correct errors, but it seems like everything correct and I get nothing.
My endpoint is /account_id/posts?access_token=xxxxxXXXXxxxxXXXxXxxx
This might be related to the page having some type of demographic restrictions enabled. When this happens a user token is required to pull some information so FB can check to see if the restriction is applicable.
My application, created today, runs fine when I use it with my account. On any other account however, the following error is sent back as a response:
message: "(#298) You must be a developer of the application"
type: "OAuthException"
The exact code I'm using to send the request is this:
FB.api('/me/threads', {limit: 1000}, function(response){ ....
I have found someone experiencing the same problem, but the response he accepted didn't really provide any useful information. ( Reading over inbox, I get error #298).
Anyone have a clue on how to solve this? Would be greatly appreciated!
I'm guessing you have the read_mailbox permission?
Try accessing the /me/inbox connection instead?
Facebook tells you (from http://developers.facebook.com/docs/reference/api/thread/):
Please note: We are in the process of making the new messages system
available to all users, at which point this API will replace the
/inbox/ Graph API endpoint. We are providing early access to this API
for registered developer accounts only until the new messaging system
is broadly available. You should use the /inbox endpoint for
production applications at the current time.
That is, only the current apps developers will be able to use the threads-connection for now (but it will be available later).
It looks like your other account doesn't have a developer license/flag/attribute, thus failing the authentication check.