如何获取未过期的页面访问令牌? [英] How do I get a page Access Token that does not expire?

问题描述

我想知道是否可以使用永不过期的访问令牌发布到我的页面

I would like to know if it is possible to have an access token that never expires for post to my page

现在我得到了访问令牌:

Now I get the access token with:

https://graph.facebook.com/me/accounts

我有 publish_stream 和 manage_pages 权限，但使用 访问令牌调试器 我看到令牌在大约 1 小时后过期.有没有永不过期的方法?

I have publish_stream and manage_pages permission, but using the Access Token Debugger I see that the token expires in about 1 hour. Is there a way to never expires?

推荐答案

参见 facebook 开发人员:

通过使用长期存在的用户访问令牌，查询 [UserID]/accounts 端点现在将提供不为用户管理的页面过期.

By using a long-lived user access token, querying the [User ID]/accounts endpoint will now provide page access tokens that do not expire for pages that a user manages.

因此，您必须通过服务器端调用将初始短期令牌交换为长期令牌:

So, you have to exchange your initial shortlived token for a longlived token with a server side call:

https://graph.facebook.com/oauth/access_token?
client_id=APP_ID& client_secret=APP_SECRET& grant_type=fb_exchange_token& fb_exchange_token=EXISTING_ACCESS_TOKEN 

然后用那个长期存在的令牌查询我/帐户.绝对适合我们，即调试器显示:'Expires: Never'

And then query me/accounts with that longlived token. Definitly works for us, i.e. the debugger shows: 'Expires: Never'

编辑 - 我们的流程

所以，我们要做的是:

• 首先使用我们的应用程序客户端身份验证用户接受请求的权限并将他的帐户与我们的应用程序连接后返回的代码"

• first client side authentication with our app where we get a "code" back after the user accepts the requested permissions and connects his account with our app

https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID &redirect_uri=YOUR_REDIRECT_URI &scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES &response_type=code

https://www.facebook.com/dialog/oauth? client_id=YOUR_APP_ID &redirect_uri=YOUR_REDIRECT_URI &scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES &response_type=code

现在在我们的服务器应用程序中，我们使用服务器端身份验证交换访问令牌的代码:

Now in our server application we use server side authentication to exchange code for access token:

https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID &redirect_uri=YOUR_REDIRECT_URI &client_secret=YOUR_APP_SECRET &code=CODE_GENERATED_BY_FACEBOOK

https://graph.facebook.com/oauth/access_token? client_id=YOUR_APP_ID &redirect_uri=YOUR_REDIRECT_URI &client_secret=YOUR_APP_SECRET &code=CODE_GENERATED_BY_FACEBOOK

使用这个 access_token，我们进行服务器端交换，如上所述

With this access_token we do the server side exchange as described above

现在我们请求 me/accounts 并且结果 access_token 始终有效

Now we request me/accounts and the resulting access_token is always valid

希望有帮助

这篇关于如何获取未过期的页面访问令牌?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！