1

My code is as follows:

FacebookClient client = new FacebookClient();

client.AppId = appId;
client.AppSecret = appSecret;

dynamic result = client.Get("oauth/access_token", new
{
    client_id = appId,
    client_secret = appSecret,
    grant_type = "client_credentials"
});
//client.AccessToken = "";

var accessToken = result.access_token;
client.AccessToken = accessToken;

dynamic parameters = new ExpandoObject();
parameters.client_id = appId;
parameters.redirect_uri = "https://www.facebook.com/connect/login_success.html";
parameters.response_type = "token";
parameters.display = "popup";
parameters.scope = "publish_actions";

var login = client.GetLoginUrl(parameters);

// AccessToken token;
// var accessToken = client.AccessToken;

dynamic result2 = client.Get("me");

But I get the error message: Facebook C# SDK:

An active access token must be used to query information about the current user.

Can someone help me where I'm going wrong with this please?

Thanks!

avs099
  • 10,937
  • 6
  • 60
  • 110
Lilz
  • 4,013
  • 13
  • 61
  • 95

1 Answers1

3

you use APPLICATION access token to get information about currently logged in user - that's not allowed. Key word here is currently logged in. So if you use an ID - user's id for example - 1231231231 - instead of me - that will work. Or any other ID your app has permissions to access.

Basically, app knows nothing about the current user, so you can't use me.

Regarding user token. You still have to have certain kind of interaction with the user to let him to approve the requested permissions for your app. At that point you can pass parameters.redirect_uri url to the Facebook login page, and Facebook will call it with the user token after user logs in and approves the permissions. THAT is the token you can use for me query. But it will expire. App token, however, WILL NOT expire but it is somewhat limited. One use case can be that you need to request certain information about the user long after user gave you the permissions. Then you should use app token and that's completely server-side (no additional interaction with user is required).

avs099
  • 10,937
  • 6
  • 60
  • 110
  • Déjà vu :) http://stackoverflow.com/questions/10096261/oauthexception-2500-an-active-access-token-must-be-used-to-query-informatio – avs099 Sep 18 '15 at 20:10
  • I didn't downvote you! This is an application so I'd rather not redirect them anywhere if they are already logged in. Am I going by this the right way? – Lilz Sep 21 '15 at 20:52
  • @Lilz re: downvote - that was not me asking. Regarding application - i updated the answer. Let me know if that makes sense. – avs099 Sep 21 '15 at 22:19