在2021年刷新长寿命的访问令牌端点是否正常工作? [英] Is refreshing long lived access token endpoint working in 2021?
问题描述
尝试通过此端点刷新我的长期访问令牌:
继续获取错误: OAuth"Facebook Platform""invalid_token";无效的OAuth访问令牌."
但是,我使用> https://developers.facebook.com/tools调试了令牌/debug/accesstoken/表示它是有效的,并且有效期约为2个月(证明其访问令牌的寿命很长).
此端点不再起作用了,还是我丢失了某些东西?
P.S.我正在使用一个用户访问令牌,它是一个由Facebook页面支持的公共Instagram商业帐户.另外,我正在服务器上使用它,因此如果在60天内使用令牌,令牌将不会刷新(当您通过FB mobile sdk进行身份验证时会发生这种情况.)
编辑
所以看来我错过了两个要求:
- 您的长期访问令牌必须至少存在24小时才能刷新
- 将用户登录到Facebook时,您需要"instagram_graph_user_profile"权限/范围
如何
我尝试过:
- 很奇怪,每当我将该权限/范围添加到列表中时,Facebook登录总是失败并显示有问题".我尝试使用 facebook登录反应npm包,手动登录流程 FB SDK登录按钮,结果完全相同.
- Facebook Graph API Explorer不包含此权限.但是,他们拥有的权限列表确实包含了该列表.
那是什么意思,Facebook不允许刷新长期存在的令牌?
注意:有关如何刷新长期访问令牌的文档适用于Basic Display API,不建议企业帐户(将使用我的应用的用户)使用.因此,这使我更加不确定是否可以为Instagram Graph API刷新令牌.
更多信息
因此,在FB开发人员门户上,如果将Instagram Basic Display产品添加到您的应用程序(我以前没有此产品),它将允许您请求 instagram_graph_user_profile 权限.但是,这带来了更多问题:
- 我是否必须使用Insta Graph API + Insta Basic Display才能获得可刷新的长期访问令牌?
- 如果是这样,那是如何工作的?因为建议将Insta Basic显示用于个人帐户,将Graph API用于商业帐户.
- 如果是,该如何添加
instagram_graph_user_profile权限?仍然会导致FB登录失败.
因此,我最终联系了一些我确实知道要做的事情的公司,他们确认Facebook确实要求用户重新在约60天后授权.
如果没有,那么长寿命的访问令牌将过期.
Trying to refresh my long lived access token via this endpoint:
Keep getting the error: OAuth "Facebook Platform" "invalid_token" "Invalid OAuth access token."
However, I debug my token using https://developers.facebook.com/tools/debug/accesstoken/ which shows that it is valid and for around 2 months (which proves its a long lived access token).
Does this endpoint not work anymore or am I missing something?
P.S. I'm using a User Access Token, its a public Instagram business account backed by a Facebook page. Also, I'm using this on server, so it won't refresh if the token is used within 60 days (that's what happens when you auth through FB mobile sdk).
EDIT
So it looks like there are two requirements that I missed:
- Your long lived access token has to be at least 24 hours old in order to refresh
- You need the 'instagram_graph_user_profile' permission/scope when logging your user into Facebook
HOWEVER
I tried:
- Oddly enough, whenever I add that permission/scope to the list, Facebook Login always fails and says "There's something wrong". I tried this using the facebook login react npm package, the manual login flow by just making requests, and the FB SDK login button, all the same result.
- The Facebook Graph API Explorer doesn't include this permission. However, the list of permissions they have does include it.
So what does this mean, Facebook isn't allowing refresh of long lived tokens?
NOTE: The docs on how to refresh a long lived access token are for the Basic Display API, which isn't recommended for business accounts (which is who will be using my app). So this makes me more unsure of if it is possible to refresh tokens for the Instagram Graph API.
MORE INFO
So on the FB developer portal, if you add the Instagram Basic Display product to your app (I previously didn't have it) it allows you to ask for the instagram_graph_user_profile permission. However, this brings up more questions:
- Do I have to use Insta Graph API + Insta Basic Display in order to get a a refreshable long lived access token?
- If so, how does that work? Because Insta Basic Display is recommended for personal accounts and Graph API is for business accounts.
- If so, how do I add the
instagram_graph_user_profilepermission? It still causes FB login to fail.
So I ended up contacting a few companies that I know for a fact do what I was trying to do and they confirmed that Facebook does REQUIRE the user to re-authorize after ~60 days.
If they don't, the long lived access token will expire.
这篇关于在2021年刷新长寿命的访问令牌端点是否正常工作?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
