I want to create an application that will login me with facebook eachtime with out asking username and password. How I can store the facebook password or access token to login
Read: https://developers.facebook.com/docs/authentication/ to discover how to authenticate, get a token then you can use it in your app to access the Graph API.
Note that tokens can only last up to 60 days.
Related
I'm building an app that requires a Facebook Authentication Token.
Google'ing it I end up on https://developers.facebook.com/docs/facebook-login/access-tokens
This names the following tokens:
User Access Token
App Access Token
Page Access Token
Client Token
Are any of these a Facebook Authentication Token?
If not, how do you get one?
I ended up using this tool here:
https://smashballoon.com/custom-facebook-feed/access-token/
I am administrator of facebook page which DOES NOT have a classic facebook account assigned. So I am not able to create any facebook application as you can see in Picture 1. How can I obtain long lived (never expiring) page access token, which I need to use Graph API? I need to post messages to the facebook page from my server.
Thanks for advice
You do need a User account that is admin of the Facebook Page in order to get a Page Token. Without a User account, it is not possible.
HereĀ“s what you need to do:
Authorize the User account in the App - which means, get a User Access Token
Extend the User Token
Get an Extended Page Token with /me/accounts or /[page-id]?fields=access_token
Some Links for more information:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/
http://www.devils-heaven.com/extended-page-access-tokens-curl/
Having an application token, a user who authorized the application with manage_pages permission, how can I access to the pages this particular user is admin of?
You can't, you need a user access token for that permission as outlined in the docs
https://developers.facebook.com/docs/reference/api/user/ (look for accounts)
You don t need an application token but a user access token to access those pages
I have a Facebook app and I can retrieve the App Token by calling
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET
&grant_type=client_credentials
as specified on the Authenticating as an App page. I see this app token is also available in the Access Token Tool page along with a User Token for the app. I need the User Token in order to do a /USER_ID/accounts on users that have already approved my app with the manage_pages permissions.
Basically I wish to post to a users Facebook page when they submit an article to my app. Some users are in locations where Facebook is blocked, thus I can't use the regular Javascript SDK.
Edit 1: I understand the concept of user access tokens and retrieving them via the SDK with the OAuth redirect. My question is in regards to the User Token for an app as seen in the Access Token Tool page, not a user access token (which requires client access to Facebook)
In order to get a user token without using the javascript SDK, you need to authenticate the user using the OAuth dialog redirect. Essentially, you prompt the user to fetch a code from Facebook that you can exchange for an access token. At this point you should store the access token and re-use it for all requests that require authentication. Keep in mind though that you will need to detect when the token is expired or invalidated, and if so you will need to re-issue the authentication redirect & token exchange process.
My situation is this: in my site I have username and password (of my Facebook account) stored in 2 php variables: $user and $password. Now I want to log in my Facebook account with those access data. Then, how can I send user and password to Facebook API without "passing" through the standard Facebook login form?
Thanks :)
Short answer: you cannot do that.
You can't pass username and password to Facebook for authentication. Username and password can only be entered into the Facebook authentication form, either through a redirect or iframe pop-up.
Requesting and storing Facebook user passwords is a violation of Facebook platform policy.
You can get an access token after going through the authentication dialog, and that access token can be used to take actions on behalf of the user or access their Facebook information without further authentication for as long as the access token is valid. Access tokens expire, but you can extend them up to 60 days. They also get rendered invalid through a number of other user actions such as changing the user password or manually evoking application permissions.
Facebook OAuth 2.0 documentation is here: https://developers.facebook.com/docs/authentication/