0

I'm building a new app which is still in development, i.e., I am the only user. The user is authenticated on the frontend, which then passes a Facebook access token to the backend. I want to validate this token on the backend to make sure that it's still valid, that it matches this application, and that the user matches. As described in how to verify facebook access token? (and the official Facebook docs), this can be done by calling graph.facebook.com/debug_token.

When I make this call from my local machine, it works fine. When I do it using the Graph API Explorer debug tool, it works fine. It used to work fine from my backend, too, but a few days ago it stopped working and now I get this error every time I make this call:

GraphAPIError: (#4) Application request limit reached

I could not possibly have exceeded any limits since the total number of API calls is tiny (this app is still in development mode, and I'm making a single call per login, not batching anything, not trying to read a feed, etc.). In fact, the very first request I make on a given day causes this error. Here's Facebook's graph of the total number of API calls I'm making:

Facebook API Usage and Performance

There are a number of questions about the same error e.g. Facebook Application Request limit reached, however in all of these cases, it appears that users were actually exceeding some request limit, whereas in this case, that doesn't seem possible. The error seems misleading.

My backend is written in Python and hosted on Google App Engine.

Any ideas what may be causing this?

Community
  • 1
  • 1
Lane Rettig
  • 6,640
  • 5
  • 42
  • 51

1 Answers1

1

It turns out that this had absolutely nothing to do with quotas. It was a bug in the Python code. Here's what I was doing (using the Facebook Python SDK).

    import facebook
    app_access_token = facebook.get_app_access_token(
        FACEBOOK_KEYS['consumer_key'], FACEBOOK_KEYS['consumer_secret'])
    graph = facebook.GraphAPI(app_access_token)
    token_info = graph.get_object("debug_token?input_token=%s" %
                                  access_token)

I changed the last line to the following:

    token_info = graph.get_object("debug_token", input_token=access_token)

Now it works. The error was completely misleading. I suppose Facebook was getting confused and not seeing the right token. I filed a bug report with Facebook in the hope that the error message, at least, can be improved.

Lane Rettig
  • 6,640
  • 5
  • 42
  • 51