0

I have started to integrate Facebook SDK into my iPhone project. I have no problem on devices with multitasking using SSO. The received access token is long lived and I can extend it by calling the "extendAccessToken" method from Facebook iPhone SDK.

It seems that the access token extension doesn't works on devices without multitasking support. It's very strange, that the "extendAccessToken" method uses an old REST API to extend the token: "auth.extendSSOAccessToken", but the API returns with an error message that says:

  • "The access token was not obtained using single sign-on". (iPhone 3G)

I have also tried to use the "oath/accesstoken" graph api described on this page: http://developers.facebook.com/docs/offline-access-deprecation but it seems that the returned access token has the same expiration date like before calling this api (I tried to extend the token after 5-6 days since I received it).

Has anybody the same issue?

Maybe this is not a bug but it's a Facebook feature. Maybe the Facebook allows to extend the access token only if it is received through a trusted environment using single sign-on (like Facebook Application or Safari browser).

Sipos Tamas
  • 1
  • 3

1 Answers1

0

We had the same issue.

The way we are currently solving it is by having a server extend the access_token.

If anyone has a better solution, would love to hear. If there isn't a better solution and you would like to use our server to extend access tokens, we can work something out.

  • Yoav.
user92301
  • 461
  • 3
  • 8
  • Thank you Yoav for your answer. I only observed it now, sorry for my late reaction. My application also has a server side but I was wondering that is it really needed to send the user's access token to the server? Can I have a question? How are you extending the access_token on server side? Is the access_token generated on the mobile side and sent to the server to extend it like here: http://stackoverflow.com/questions/8982025/how-to-extend-access-token-validity-since-offline-access-deprecation. Or the entire process (like gaining access token and extension) is happening on server side? – Sipos Tamas May 30 '12 at 15:24