1

In one of my iOS apps, I am using FBSDKfor Facebook login and it works correctly. But we would like to handle the case that the access token becomes invalid. If I have changed my password through some other Facebook login then as per the Facebook blog post, it should invalidate the access token, but while I am fetching the stored token using [FBSDKAccessToken currentAccessToken].tokenString, it appears that the token is still valid, based on the following:

  1. [FBSDKAccessToken currentAccessToken].tokenString does not return nil.
  2. Using the following url to validate the access token [NSString stringWithFormat:@"https://graph.facebook.com/APP_ID/permissions?access_token=ACCESS_TOKEN], as per stackoverflow post

How to verify the account password changed (and corresponding token invalidation) scenario for Facebook?

We want to detect the invalid token and ask the user to login again, if the account password has been changed through logging in to Facebook somewhere else and changing the password.

Any suggestion is appreciated.

Thanks.

auspicious99
  • 3,902
  • 1
  • 44
  • 58
Janmenjaya
  • 4,149
  • 1
  • 23
  • 43

1 Answers1

0

Changing password won't invalidate the login. To invalidate the login, you need to go to Facebook->Settings->Security and Login. Find where you are logged in with the token and force log out.

Mark S.
  • 3,849
  • 4
  • 20
  • 22
  • I am able to change the password, but after changing the password my previous token is showing as valid, but as per the documentation it should be invalid, my question is why the previous token is valid and how to implement the functionality like for invalid token, ask user to login again. – Janmenjaya Sep 25 '17 at 11:41
  • Are you using the OS-integrated flow? The [documentation](https://developers.facebook.com/docs/graph-api/using-graph-api/#errors) specifically calls out the OS-integrated flow for iOS 6 or higher with a password change (error 460). But doesn't say anything about any other scenario causing the token to be invalidated – Mark S. Sep 25 '17 at 15:57