Take for example, when using the Koala ruby gem
To access the graph api, we initialize the graph object using the user token key. This is clear, since it contains information that we got from the successful authentication
To access the realtimeupdates api, we initialize the realtimeupdates object using the app access key, which does not seem to have require any user specific authentication information
So, when does facebook require which token?
Here is a detailed explanation on OAuth site. Link here
Related
I know how to get short-term user access token then extend it to long-term access token (facebook) when i have my own app id and app secret. But now I want to get and extend the access token provided by Graph Api Explorer. How can I do it ?
If we do it manually, we get an access token from Graph Api Explorer but its short term and will expires in about 1 hours, how can I make it a long-term access token?
This is not possible. To extend the Access Tokens, you must utilize an app_id as well as an app_secret. I assume you don't have the app_secret of the Graph Explorer, so this might get difficult.
See
https://developers.facebook.com/docs/facebook-login/access-tokens#extending
I still have this issue and Tobi not understood the problem.
The Facebook Access Tokens are really problematic most of times and this is one of the bigger issue.
I have a facebook stream plugin where user can show their personal profile posts.
But the only access token that work is the one generated by Graph API Explorer and this can not be extended. Any other access token associated to an APP will not work.
Is incredible that Facebook not have a tool to allow users to generate an access token for access their personal informations.
Currently there is not any working solution. Incredible.
I am trying to retrieve the ads report stats, outlined here:
https://developers.facebook.com/docs/reference/ads-api/adreportstats/
But I am currently stuck with generating an access token. I was going through here: https://developers.facebook.com/docs/reference/ads-api/overview/ ,
And it looks like the only way to generate an access token is to generate it by using live web app.
Is there any other way to generate an access token?
Yes, the only way to get a User access token is to have a user authorise your app via the documented login methods: full documentation here: https://developers.facebook.com/docs/facebook-login/overview/
No.
At least not as far as I can tell. It appears that you need 3 things to generate the token:
App Id, App Secret, Url
https://developers.facebook.com/docs/reference/ads-api/overview/
in the Provide Authorization section.
I'm having a similar issue.
You don't want a client token, you need to generate an access token for the ads reporting.
I've found the Facebook API somewhat confusing because they seem to blur the lines of Access Tokens for accessing user information, and Access Tokens for accessing reporting information.
there is a problem with my access token. I have made my own application, and I took the permission from the facebook user, who is me. And also I have given the same permissions to the facebook graph api. However when I can easily get the results using FQL with graph api access token, but I cannot get the result with my own application access token. What is the problem with my access token.
It is not user access token. Maybe this can be problem however also graph api is not also user access token.
Per the error message you need to use a user access token retrieved via the Authentication flow - you cannot use an app access token for this.
You mentioned in the comments you're successfully using an access token from the Graph API Explorer tool - this is also a user access token which the tool retrieves using the client-side oauth flow. This is not the same as using an app access token for your own app.
So, Facebook has 2 types of access tokens: Application and User access token.
Is it possible to use the Application access token for open graph?
Facebook has more than two types of access tokens, there are at least 3 since you forgot to mention the Page Access Token.
According to the App Access Token documentation:
Authenticating as an Application allows your application to obtain an
App Access Token. This is useful to make requests to the Graph API to
modify the parameters of your app, create and manage test users, or
read your application's insights for example.
As you can see, it depends what it is you want to ask the fb graph.
If you want for example to get the feed of a public page then an app token will suffice, on the other hand if you want to get the feed of a user then you'll have to use a user token.
When you browser through the Graph API documentation, for every object you get a list of fields and connections, and the 3rd column of the tables is titled as Permissions, in that cell you'll have info of what access token is needed if any.
I.e., if you check out the User object you can see:
id: No access_token required
updated_time: Requires access_token
installed: Requires app access_token
Hope this clarifies things for you.
Interesting problem I'm having right now.
Signing in an App gives a access token looking something like this:
AAACwFsGcSr4BAOGUTwfuZAWuUcwZC0rJ7noZCKMqhBI7ivDCsIGqduGIZCus5PRaS6KuREqxLmhfvZAZAkz5WCpFfANtUpYHgZD
This access token can't access users PUBLIC information, while one issued by Facebook on developers.facebook.com - CAN.
You can easily test this by logging to your facebook and going to this link: http://developers.facebook.com/docs/reference/api/
You'll see that Facebook automatically generates access token on DEMO urls like this one:
https://graph.facebook.com/me/music
?access_token=2227470867|2.AQCvlA_ZaJ2MfRR0.3600.1318266000.0-100001572415177|2FeweU6ZvOQS9OCF5ZBV58_PtPg
If you would change /ME/ to any user which has his MUSIC posted as public, you WILL be able to access that data with Graph API.
Now try to get an access token to your APP and call the same Graph API method with generated access token, the returned data is empty JSON object.
Whats’ the difference between these access tokens? How to obtain access token, that I could get public information using Graph API?
I was thinking that logging in your APP is the highest possible access token and the only higher token is token with specified permissions...
Any guidelines would be great :)
http://developers.facebook.com/docs/reference/api/permissions/
I believe the difference is that you can specify additional permissions in a scope parameter,
so if you wanted to read a user's feed you would have to specify read_stream. I was trying to accomplish this with an access token from a server-side authentication flow in ruby, but the access token only allowed to me to navigate accross a certain portion of graph.facebook.com/user_id/feed? requests. If you get any insights or comes across a solution shoot it my way too, if you can.