0

The Facebook says that:

The access tokens are portable.

https://developers.facebook.com/docs/facebook-login/access-tokens#portabletokens

But! How can I use the access token, which was generated by an other app? If I create a session with that access token (with my app credentials) and make a /me request to graph API, then I get an other user id, than mine (which I got with my access token). So I cannot compare the two fb user ids with each other.

I know that the Facebook uses app scoped user ids, but what is the solution in this case?

Tamas Kinsztler
  • 182
  • 1
  • 2
  • 14

1 Answers1

1

Portable mean here (and it's explained in the docs) that you can save the Access Token somewhere and use it with multiple clients.

This has nothing to do with using a second Access Token generated by another app. Also, it's not clear to me why you need to "compare" two Access Token at all.

You should state a question which people can answer. From your question, it's not clear what you want to achieve.

Tobi
  • 31,405
  • 8
  • 58
  • 90
  • Sorry, I edited my question. I don't want to compare the access tokens, only the user IDs which accessed with tokens. I am making a public REST API to my website, and my website is using only FB authentication. So if someone wants to get the logged in status throught the REST API, then he has to provide a FB access token, then I make a session with it, and get the FB user id, and I compare it with my data in the database. But I cannot compare, because the FB user ids are different. – Tamas Kinsztler Aug 29 '14 at 08:06
  • 1
    no half-intelligent user would every enter a facebook access token on your page directly – andyrandy Aug 29 '14 at 08:14
  • I think that's a BS concept. If you're already using FB Login, why is all this mess neccessary? – Tobi Aug 29 '14 at 08:19
  • Yes I am using already FB login on my website, but if someone make a mobile app for my website then he need to use the REST API, and I think this is the only way to authenticate users throught the REST API. Here is a description about the method, and I actually made it, but not working (cannot compare the IDs): http://stackoverflow.com/questions/12065492/rest-api-for-website-which-uses-facebook-for-authentication – Tamas Kinsztler Aug 29 '14 at 08:24
  • this is the only way to compare ids between different apps: https://developers.facebook.com/docs/apps/for-business - but i doubt that you can use it for apps you don´t own. – andyrandy Aug 29 '14 at 09:07
  • @luschn You can't use the Business Mapping API for apps you don't own. – Tobi Aug 29 '14 at 09:24
  • yup, that is what i thought :) – andyrandy Aug 29 '14 at 09:53