CODEWITHSUNDEEP
facebookfacebook-graph-apifacebook-javascript-sdk
Venkat
Venkat

Reputation: 113

Handling Facebook access token expiry in Javascript SDK

I am using Facebook Javascript SDK http://developers.facebook.com/docs/reference/javascript/ to authenticate and approve my Facebook app. My SDK code will be as follows:

window.fbAsyncInit = function() 
{
    FB.init({
        appId : 'MY_APP_ID', 
        status : true, // check login status
        cookie : true, // enable cookies to allow the server to access the session
        xfbml : true,  // parse XFBML
        oauth : true
    });

    FB.login(function(response) 
    {
        if (response.authResponse) 
        {
            var userFBAccessToken  =  response.authResponse.accessToken;
            console.log('userFBAccessToken: ' + userFBAccessToken);
            FB.api('/me', function(response) 
            {
                console.log('Good to see you, ' + response.name + '.');
                FB.logout(function(response) {
                    console.log('Logged out.');
                });
            });
        } else {
            console.log('User cancelled login or did not fully authorize.');
        }
    }, {scope: 'user_activities,user_notes,user_photos,user_videos,user_status,offline_access'});
};  

// Load the SDK Asynchronously
(function() {
    var e = document.createElement('script'); e.async = true;
    e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
    document.getElementById('fb-root').appendChild(e);
}());

I am confused with offline_access deprecation. My questions here are, if I enable the 'Deprecate offline access' option in my App Advanced settings page:

  1. What will be the expiry time of the access token which I received from response.authResponse.accessToken. Whether its 2 hours or 60 days? (what will be the duration for now and after May 1st 2012)

  2. If its only 2 hours, how can I extend it to 60 days?

  3. Whether the retrieved access token will be valid only when users are in online or it will be valid even when they are offline?

Thank you.

Upvotes: 3

Views: 5385

Answers (1)

Yan Berk
Yan Berk

Reputation: 14438

1+2. The expiry will be 2 hours. You will need to extend it after it expires. The request for extension is explained here under 'Client-side OAuth and Extending Access_Token Expiration Time through New Endpoint': https://developers.facebook.com/roadmap/offline-access-removal/

  1. Should be valid at all times.

Upvotes: 1

Related Questions