I can request an access_token upon supplying an offline_access scope parameter to oauth. I can execute OpenGraph commands that require an access_token just fine when logged out of Facebook, and when I log back in, I don't need to create a new one.
According to this blog post, offline_access is (getting?) deprecated.
Confusions:
Why doesn't the authentication dialog display that I am requesting offline access when authenticating a user?
Is it currently safe to rely on persistent access_tokens?
Clarification greatly appreciated!
The Facebook API generally shouldn't be accessed when the user isn't online. You can update the access token anyways, and that should be good enough.
From: http://developers.facebook.com/blog/
There are no changes required for most apps, but developers utilizing
the 'offline_access' permission will have until May 1, 2012 to update
their apps.
You have some time....
Related
We are building a mobile app on behalf of a corporation and the API needs to be able to return the corporation's Instagram feed. We have found that implementing what should be a simple requirement incredibly difficult.
We need to retrieve the following Instagram post data from the corporation's feed:
image url
caption
url to post
timestamp
With this in mind we identified that we need to use the Instagram Graph API which means there are strict requirements around permissions.
Note: We are open to using any method that returns us the required data.
Using the Instagram Graph API we need to use the following endpoints:
Media (to get a list of the latest IG Media objects for a user)
IG Media to get detail about each media object
This works fine but the problem lies with getting a long-lived User Access Token. To get this kind of token we need the instagram_graph_user_media permission. The Long-Lived Access Tokens documentation says:
Long-lived tokens are valid for 60 days and can be refreshed as long as they are at least 24 hours old but have not expired, and the app user has granted your app the instagram_graph_user_profile permission.
How can the app user (the corporation) grant the app the permission? As I mentioned this is for an app on behalf of a corporation.
Any help here would be really appreciated!
Thanks
Did you go through the App review process in Facebook? Whenever there are user permissions involved, you need to go through the App review process for your app. Even though you don't use user permissions, some user permissions are pre-requisites for some business permissions.
Read the article here for more information: https://developers.facebook.com/docs/app-review
Unsure if this will be of any help, but battling exactly the same thing today came across this and it made for some intresting reading https://solrevdev.com/2020/05/28/instagram-basic-display-api.html
I am looking for help/advice on handling expired tokens (eg. user changes password) in conjunction with the realtime api. I have read the following http://developers.facebook.com/blog/post/2011/05/13/how-to--handle-expired-access-tokens/
but it appears to require a user session. Currently the only solution I can see is detecting the OAuth error and informing the user via another means such as email that they need to go through the app authorisation process again.
you can renew the fb access token, there is the feasible solution for this, kindly have look into how-to--handle-expired-access-tokens here, you can see the answer in Solution (for all scenarios) section
How to get offline access token of facebook?
I know that from recently time is out of date. And if I can't get offline access tokens.
What solutions of this problem is?
If you want to get a fresh token, simply follow this guide. You can obtain it through the JavaScript SDK, or doing a request to Oauth. In both cases the user will not notice anything unless he de-authenticated your app.
I read Facebook article about offline_access deprecation and I read that “Apps will not be able to setup a background/cron job that tries to automatically extend the expiration time”, but this is not acceptable for our application and I need to find the way how to prolong access token server-side automatically. The single solution I’m seeing now is to keep real login / password for Facebook accounts and do automatic Facebook authentication for each account to prolong the access token.
I don’t like this idea, but I can’t find anything better. Does anyone have any suggestions?
I'm building a flex application using the http://code.google.com/p/facebook-actionscript-api/ library.
Is it possible to get all the comments for an OBJECT_ID (https://graph.facebook.com/OBJECT_ID/comments) without the current user being logged in facebook. If it is, please tell me what the OBJECT_ID needs to be (post in public group or something else).
Thanks in advance.
blz
You need to request the offline_access permission. It will give you an access token that won't expire. Save it in your database and use it for your connections and it will work without the user.
More: http://developers.facebook.com/docs/authentication/permissions/
I believe Object_ID is the user, and they do not have to be logged in for you to acquire this
But...
What you probably will require is authentication of your request. I believe FB now requires that you register your webapp with them to get the necessary OAUTH signature. I think this is as of F8 2010.