10

I'm trying to access scores through the Facebook API to get a list of scores of my friends. When I try to access /[facebook id]/scores, I get the following error even with my app access token:

FacebookApiException [ 0 ]: A user access token is required to request this resource. ~ APPPATH/classes/basefacebook.php [ 1039 ]

How do I get a user access token?

Updated: After reading http://developers.facebook.com/docs/reference/api/permissions/, I've confirmed that the app access token and user access token are two different access tokens. The question still remains, how do I get a user access token?

Chris
  • 44,602
  • 16
  • 137
  • 156
Moon
  • 22,195
  • 68
  • 188
  • 269

5 Answers5

4

I see that you are using the php-sdk. So you need your friend to access your app with a script something like the example: 

<?php
/**
 * Copyright 2011 Facebook, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */

require '../src/facebook.php';

// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
  'appId'  => '191149314281714',
  'secret' => '73b67bf1c825fa47efae70a46c18906b',
));

// Get User ID
$user = $facebook->getUser();

// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.

if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
    $user = null;
  }
}

// Login or logout url will be needed depending on current user state.
if ($user) {
  $logoutUrl = $facebook->getLogoutUrl();
} else {
  $loginUrl = $facebook->getLoginUrl(array('scope'=>'offline_access'));
}

// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');

?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
  <head>
    <title>php-sdk</title>
    <style>
      body {
        font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
      }
      h1 a {
        text-decoration: none;
        color: #3b5998;
      }
      h1 a:hover {
        text-decoration: underline;
      }
    </style>
  </head>
  <body>
    <h1>php-sdk</h1>

    <?php if ($user): ?>
      <a href="<?php echo $logoutUrl; ?>">Logout</a>
    <?php else: ?>
      <div>
        Login using OAuth 2.0 handled by the PHP SDK:
        <a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
      </div>
    <?php endif ?>

    <h3>PHP Session</h3>
    <pre><?php print_r($_SESSION); ?></pre>

    <?php if ($user): ?>
      <h3>You</h3>
      <img src="https://graph.facebook.com/<?php echo $user; ?>/picture">

      <h3>Your User Object (/me)</h3>
      <pre><?php print_r($user_profile); ?></pre>
    <?php else: ?>
      <strong><em>You are not Connected.</em></strong>
    <?php endif ?>

    <h3>Public profile of Naitik</h3>
    <img src="https://graph.facebook.com/naitik/picture">
    <?php echo $naitik['name']; ?>
  </body>
</html>

Then you need to:

  1. Grant the offline_access permission
  2. Store the returned access_token
  3. Use that token whenever you query your friend's scores $facebook->api('friend_id/scores?access_token=$stored_access_token');
genesis
  • 50,477
  • 20
  • 96
  • 125
ifaour
  • 38,035
  • 12
  • 72
  • 79
  • // thank you ifaour. I added 'offline scope', but how do I access token? I used $Facebook->getAccessToken(), but it didn't work. $Facebook is an instance of the facebook sdk in PHP. – Moon Oct 24 '11 at 17:23
  • you need to add `offline_access` to your scope then once your friend is connected to your app (inside `if($user)`) calling the function you mentioned will return the access_token you need to store! – ifaour Oct 24 '11 at 17:26
  • 1
    // thanks!! it works now. I think 'offline_access' is required to make it work. – Moon Oct 24 '11 at 23:11
  • from this example is it pssible to get a `PAGE` access token? – t q Jul 10 '12 at 13:32
  • @tq I've already posted in another answer [here](http://facebook.stackoverflow.com/questions/3627684/facebook-graph-api-posting-to-fan-page-as-an-admin/7649048#7649048) – ifaour Jul 11 '12 at 06:30
  • 1
    the offline_access permission is deprecated and will removed soon. it was still valid when this thread came up, but even then you did not need it. never require more permissions from the user than you really need. sorry, but this is a very bad answer, and it´s also not correct usage of the php sdk in step 3... – andyrandy Oct 28 '12 at 16:24
  • 2
    That isn't your actual app secret, is it? If so, be sure you change the app secret. – Bryan Gentry Mar 06 '13 at 19:37
3

Please refer to the documentations showing the authentication flows for Facebook.

http://developers.facebook.com/docs/authentication/

This is the best place to start to understand how it works.

  1. You get the user's permission and access_token
  2. You can use this access_token as a "key" to get and post Facebook information

The access_token is not to be mistaken for your application secret code, which is used to authorised to make a connection on behalf of your registered application.

Luke
  • 22,826
  • 31
  • 110
  • 193
2

In Flex you can use:

FacebookDesktop.getSession().accessToken;
Nakilon
  • 34,866
  • 14
  • 107
  • 142
melli-182
  • 1,216
  • 3
  • 16
  • 29
0

Suscribe to this event: 

FB.Event.subscribe('auth.authResponseChange', function(response) {

then check response.status

kleopatra
  • 51,061
  • 28
  • 99
  • 211
Lalo
  • 323
  • 3
  • 2
0

I call this function:

FB.getLoginStatus(onFacebookInitialLoginStatus);

Which calls the function below and gets the accesss_token from the response.

function onFacebookInitialLoginStatus(response) {
            if (response.status == "connected" && response.session) {
                var access_token = response.session.access_token;
                var url = 'https://graph.facebook.com/me/likes?access_token=' + access_token;
            }
            else {
                facebookLogin();
            }
        }
Jack Marchetti
  • 15,536
  • 14
  • 81
  • 117