Monday, June 4, 2012

Facebook Page Access Tokens - Do these expire?


I'm building an app that allows users to administrate their Facebook Fan Pages. This requires the following two Access Tokens:



  1. A User Access Token

  2. A Page Access Token



I'm quite familiar with User Access Tokens, but not with Page Access Tokens.



Does anybody know how long the Page Access Token remains valid? All I can find on the Facebook website is this succinct paragraph , which doesn't mention anything about it's expiry.



Can I assume that if I am requesting the User Access Token with the offline_access permission the Page Access Token will also last indefinitely (unless the user changes their password or manually deauthorises my app)?



I'm asking because I want to know how often I should query the Facebook Graph API and acquire Page Access Tokens. Should I simply request them once when the user registers? Or should I request them one each API Call in the event they continuously change? The latter is obviously more taxing!



Assistance is appreciated. :)


Source: Tips4all

3 comments:

  1. Page Tokens expire when the access token expires for the user that the page token was generated from.

    Offline access has now been deprecated, but you are allowed to extend an access token to last for 60 days. If you extend the user's access token, then the page tokens generated from that user account will also have their expiration extended to match. (edit 4.16.2012) The value for the access tokens may change after being extended, so be sure to grab new page tokens from the user's /accounts graph connection after extending the user token.

    You can continue to extend these access tokens once per day. So you should regenerate the access tokens each day that the user interacts with your app.

    See
    https://developers.facebook.com/docs/authentication/
    https://developers.facebook.com/docs/offline-access-deprecation/
    https://developers.facebook.com/blog/post/500/

    ReplyDelete
  2. Facebook page access token is very similar to User access token except that "it impersonates the user" as the admin of the page and allows to manage it [manage_page permission is required].

    If Offline_access permission is granted to the app the page access_token WILL NOT expire (unless the user changes their password or manually deauthorises the app)

    Use the following link to check the details of an issued access token.

    https://developers.facebook.com/tools/debug/

    ReplyDelete
  3. See this https://developers.facebook.com/roadmap/offline-access-removal/#page_access_token
    According to this when you get short time access token and extend it to long live access token this will not expair for only page access token. See scenario 5: page access token

    ReplyDelete