Reputation: 343
How to request a user_access_token rather than an app_access_token via OAUTH
I'm attempting to pull in a user's Facebook wall/feeds via an AJAX call to my webservice. Effectively the webservice itself just caches previous requests so that I don't have to hit Facebook every time someone wants to see a list of posts (I have them on a 30 minute cache ATM). This works great as long as I'm pulling their "Feed" via a URL like:
https://graph.facebook.com/v2.0/{0}/feed
where {0} is the user's ID. However, when I just want to request the user's statuses in order to avoid all the other garbage that shows up on their wall
https://graph.facebook.com/v2.0/{0}/statuses
I get an 400 request error. I drilled down a bit deeper and here is the actual response that I recieve:
{
"error": {
"message": "(#100) Requires user session",
"type": "OAuthException",
"code": 100
}
}
After a little bit of Googling, I believe that I have traced the issue to the fact that I am requesting an APP access token instead of a USER access token. Currently my request string for that is in the following format:
https://graph.facebook.com/oauth/access_token?client_id={0}&client_secret={1}&grant_type=client_credentials
I've been searching high and low, but I just haven't been able to find the correct format for requesting a specific user's access token. If, for example, I wanted to pull a list of statuses for a public profile like https://www.facebook.com/DrPepper, how would I go about getting that?
Upvotes: 1
Views: 646
Answers (1)
Reputation: 11297
You need to authorize the user (or yourself) via oAuth Dialog this will return a code (a random string) which gives one-time access to /oauth/access_token endpoint to return the access_token
/oauth/access_token?client_id={app_id}&client_secret={app_secret}&code={code}
sending the redirect_uri (it must match your website URL in your app dashboard) parameter will generate a 60 days access_token, obviously you need this
You can change response_type to token instead of code so you don't have to request /oauth/access_token oAuth Dialog - Parameters
Another Solution
Stick with {ID}/feed and use app access_token because it never expires,
/{ID}/feed?fields=message,type
and use PHP or whatever you're using to check the type field
Upvotes: 1
Related Questions
- Using app-access token instead of user-access token
- How to get user access_token if I have his/her oauth_token?
- Facebook get access_token by username/password
- Call facebook api with only a user access token
- Get new access_token without user accessing the application
- How to get the facebook app_access_token?
- Get user access token from user_id (app already authorized)
- Facebook USER access token used instead of APP access token for public resources
- Facebook API get user accesstoken for app
- How could I get access token for another user (from my app)?