When you connect with an application using Facebook Login and you approve the request for permissions, your application gets access to access tokens. These tokens provide temporary authorization to Facebook API. Someone may ask what an access token is.
This is an opaque string responsible for identifying an app, user, or page. It is used by the app to make graph API calls. They are obtained by many methods. Access tokens comprise of the information on the App which was used to generate it and the date of expiry of the token. Most API calls on Facebook includes and access token to conduct security checks. There are many types of access tokens on Facebook they include user access token, app access token, page access token and client token.
Creating an access token for Facebook that does not expire
Over the recent past, there has been an ongoing change in Facebook API due to the Cambridge Analytica data leak. This has led to apps losing access to public posts as well as event API. What this means that your app access token if not verified by Facebook fails to return posts or events. With this notwithstanding, you can retrieve a never-expiring page access token. The only caveat is one need to be the Facebook page admin and the admin for the app.
Steps To Generating the Access Keys for Facebook
- The first place to visit is facebook, get the access token but before this, head on to Facebook developers portal and sign up for an account, and consequently create a new application. Nonetheless, this step can as well be skipped in the event that you already have an existing app.
- Head on to the Dashboard option then to the settings and select Basic and copy the App ID and App Secret
- From here, move to Facebook Graph API explorer. It is here that you will generate an access token, however this one is short-lived. You will see a drop down menu, and here you are supposed to select your App. There is also another dropdown menu from where you should select Get User Access Token.
A pop up window will appear, like the one shown below. It is here where you need to select the scopes (permission) for your user access token.
From here, there are three things you are supposed to do, and these include to select the (manage pages) option, and then choose (pages show list) permissions. The permissions documentation page will be of great assistance if you want to learn more about permissions.
Next, get the user access keys by clicking on the button labeled Get Access Token. The access token facebook generates when you click here expires quickly or rather, it is a short-lived one. Proceed to copy it as you will use it in the step ahead.
- You now will be navigated to Access Token Debugger and at this point you will see full data for the expiring facebook access token. Such tokens usually expire in one hour’s time.
- Not to worry as you can extend its expiry date in a simple way. To extend it, click on the Extend Access Token which is right at the bottom of the page. This way you will have it life extended. Therefore copy it to help you complete the next step.
- Navigate to Graph API Explorer and paste the copied facebook token in the Access Token slot. Now change the API endpoint to get access to me/accounts then click the Submit button. The process shows the result as well as the pages information, page access token included. This is the token that never expires. Now copy your relevant page’s access token.
- You can find out if the pages access token is short lived or not. Do achieve this, navigate to Access Token Debugger, and here paste the token which you received from the step above and then click on Debug.
When you follow these steps, you are assured of generating a page access token that never expires. This token can be used with your own page integration. Always ensure to keep this safe and away from reach of unauthorized individuals as they could use it to get facebook app id of your page and tamper with it or equally carry out unauthorized activities.