Server Side Non-User Interaction Way of Extending Facebook Access Tokens

Question

I have a web application where the user links our website to their Facebook account so that we can publish content to their walls and fan pages. We were previously using the offline_access parameter but now it is retired and all of our user's access tokens are expiring after 60 days. It seems to me that all of our users will have to go and re-link their Facebook account after 60 days. Is there any way to automatically refresh the access token without the user's interaction?

Answer 1

As I understand it, 60 days is the max life for any access token these days. A user will have to re-authenticate your Facebook application every 60 day cycle(or if they remove access for any other reason).

Even the long-lived access token will eventually expire. At any point, you can generate a new long-lived token by sending the person back to the login flow used by your app - note that the person will not actually need to login again, they have already authorized your app, so they will immediately redirect back to your app from the login flow with a refreshed token - how this appears to the person will vary based on the type of login flow that you are using, for example if you are using the JavaScript SDK, this will take place in the background, if you are using a server-side flow, the browser will quickly redirect to the Login Dialog and then automatically and immediately back to your app again.

Sources:

http://developers.facebook.com/roadmap/offline-access-removal/ http://developers.facebook.com/docs/facebook-login/access-tokens/#extending