Long-lasting FB access-token for server to pull FB page info

redhotvengeance picture redhotvengeance · Aug 29, 2012 · Viewed 45.7k times · Source

I'm aware that there are many questions about Facebook access-tokens and the grief they cause, but despite much experimentation and reading many frustratingly vague blog articles (FB and otherwise), I'm still struggling to get a clear answer to my needs. Let me succinctly break down my process so far:

  • I am creating a site that, server-side, needs to pull the posts/statuses from a single Facebook Page
  • I am an admin of that Facebook Page
  • I have created a Facebook App
  • Using the Facebook Graph API Explorer, I've generated a short-lived key, connected to my app and my account, that grants permission to my account to view the access-tokens for my pages
  • I've converted my short-lived key to a long-lived key (60 days) ala scenario 4 from this

And here's where I am stuck. My 60 day key works fine for my server to pull the info needed from the page, but as far I can tell, there's no way to programmatically extend that 60 day key. I also do not know of a way to generate a new short-lived key without manually going to the Facebook Graph API Explorer and creating one.

Since it is my server making the requests to the Facebook API and not a user-based system (where I could easily request that a user authorize the Facebook app again), this creates a very clunky system. Since Facebook deprecated offline_access, is there really no permanent way to have my server pull info from my own page? Will I really have to create a new key by hand and manually update my server with it every 60 days?

Or is there something I'm missing?

Update:

The step-by-step guide that was previously found here has been migrated down into its own answer.

Answer

redhotvengeance picture redhotvengeance · Feb 21, 2014

These are the steps that were previously in the question - they have been migrated to this answer.

Having found that it is possible to generate a Facebook Page Access Token that does not expire (with help from @Igy), here is a clear, step-by-step quide for all those looking to the same:

  1. Make sure you are the admin of the FB page you wish to pull info from
  2. Create a FB App (should be with the same user account that is the page admin)
  3. Head over to the Facebook Graph API Explorer
  4. On the top right, select the FB App you created from the "Application" drop down list
  5. Click "Get Access Token"
  6. Make sure you add the manage_pages permission
  7. Convert this short-lived access token into a long-lived one by making this Graph API call: https://graph.facebook.com/oauth/access_token?client_id=<your FB App ID >&client_secret=<your FB App secret>&grant_type=fb_exchange_token&fb_exchange_token=<your short-lived access token>
  8. Grab the new long-lived access token returned back
  9. Make a Graph API call to see your accounts using the new long-lived access token: https://graph.facebook.com/me/accounts?access_token=<your long-lived access token>
  10. Grab the access_token for the page you'll be pulling info from
  11. Lint the token to see that it is set to Expires: Never!

That should do it. You should now have a Facebook Page Access Token that doesn't expire, unless:

  • You change your Facebook account password
  • You lose admin access for the target page
  • You delete or de-authorize your Facebook App

Any of these will cause the access token to become invalid.

If you are getting (#100) Tried accessing nonexisting field (accounts) on node type (Page), go to the Access Token Debugger, copy the value of User ID, and use it to replace the "me" part of the URL in step 9.