1

I'm new to the facebook API. I have been reading a documentation all day, but I still can't get how does it work.

I'm using the official php-sdk and I thought that I will get permanent key for each user which I can insert into database and use everytime I need to call API for user's data.

Is it possible to get something like this? Permanent key?

I have read Facebook login – access tokens, but I still can't make it work.

This is the only think that work's for me: http://pastebin.com/Dq65pZaU. How can I call the API after I have permanent key for each user? I can edit it by myself :) just wanted show you the source. Sorry, for stupid question, but FB api is something like hell for me.

Andreas Hultgren
  • 14,763
  • 4
  • 44
  • 48
Northys
  • 1,305
  • 3
  • 16
  • 32
  • 1
    That was possible a while ago, asking for `offline_access` permission, but not any more. Now you can at most get an extended token, that is valid for 60 days, after that you will have to get a new one. Btw., this has been discussed multiple times before already, so please do some proper research. – CBroe Jan 26 '14 at 20:45
  • My english is probably bad to make a good search query, I'm sorry. Thank you, I will find it out. It's kinda annoying. – Northys Jan 26 '14 at 21:05

1 Answers1

1

To cut a big story short:

When using oAuth consider that you have 2 things to do. First login the user to an oAuth application, and then request a token which will grant you permissions to that application on the user's behalf. To define what permissions the user can grant you, you use the scope. The scope defines some groups of properties. Eg scope=birthday etc etc.

The facebook SDK provides a fb user_id if you want to store the id of the users profile for future reference. But in order to make calls to the api then you need to store and use the token.

A token can last up to 2 hours. When the token expires then you need to get a new one.

You need to implement checks on the validity of the token via either try and fail either with the token debugger or other methods.

So again, you login the user to facebook, asking fro read email eg permissions. User grants them and then you get a token and a user id. Use the token to make calls, if it doesn't work, you need to request a new one from the user, via re-logging him in etc.

At last there are methods to extent the life of a token or request a fresh one (exchange).

All these methods are documented here.

I hope this makes it a bit clear.

Gotcha:

-usually a webserver flow grants you with a 60 day token. see discussion here

-use the debugger on the token to find info about it here

Community
  • 1
  • 1
Jimmy Kane
  • 16,223
  • 11
  • 86
  • 117
  • If I understand you - It's not possible to make my app work without loading fb every 2 hours? Because facebook is blocked in school. EDIT: now I read the comment above. Thank you for your explanation :) – Northys Jan 26 '14 at 21:04
  • 1
    As I said you can extend the life up to 2 months, and yes it is possible by visiting it – Jimmy Kane Jan 26 '14 at 21:05
  • OK, I will use [setExtendedAccessToken()](https://developers.facebook.com/docs/reference/php/facebook-setExtendedAccessToken/) before I will make any call and if I get no response I will just ask user about log in again, right? – Northys Jan 26 '14 at 21:17
  • @JiriTravnicek yes. Also see updated answer with extra gotchas and resurces – Jimmy Kane Jan 26 '14 at 21:22