Do Facebook has a refresh token of OAuth?

Question

Do Facebook has a refresh token of OAuth?

I wanna know if there is a refresh token, how long will it be expired? 60days?

And if Facebook don't have refresh token, then can I understand the long live access token as the refresh token, and short live access token as the access token?

Thanks.

Answer 1

Facebook does not provide a refresh token.

Facebook provides two kinds of access tokens,

1. Short lived access token: A token that is expired after a short period of time (about 2 hours).

   Short lived access tokens are usually used on web clients.

2. Long-lived access tokens: An access token which has a long life (about 60 days).

   Long lived access tokens are usually used on mobile apps and server side.

You can generate long lived access tokens with the Facebook SDKs for Android and iOs, These tokens will be refreshed once per day when the person using your app makes a request to Facebook's servers. If no requests are made, the token will expire after the preset expiry and the person will have to go through the login flow again to get a new token.

It is possible to exchange a valid short lived access token for a long lived access token.

The documentation explains well about the tokens, exchanging methods, call parameters etc..

And if Facebook don't have refresh token, then can I understand the long live access token as the refresh token, and short live access token as the access token?

No.You can't. Refresh token is a token that may be used to obtain a new access token.

Facebook SDKs can refresh an access token at regular intervals before token expiry if connected.