Facebook API - getting a token that never expires

Question

i would like to generate a token that will never expire.

I have the "manage_pages" permission, and if the user has a "fanpage" the token will never expire.

But if the user doesnt have any fanpages created, the token will expire after 2 months.

I am using the newest api (PHP SDK).

This is my login:

$session = $helper->getSessionFromRedirect();

$token = $session->getToken();

And after that, i am doing something like that:

$accounts = new FacebookRequest($session, 
'GET', 
'/me/accounts?fields=picture,access_token,name');

Would be nice if some of you have an idea how i can get a token that never expires allthough the user hasnt a fanpage

Answer 1

The only Tokens that are valid forever are App Access Tokens and Extended Page Access Tokens. You can´t get a User Token that is valid forever, and you never need it anyway. If the user did not visit the App for more than 2 months, he most likely does not use the App anymore. You can refresh a User Token easily though, by using FB.getLoginStatus whenever the User visits your App.

Here´s all you need to know about Access Tokens:

• https://developers.facebook.com/docs/facebook-login/access-tokens/
• http://www.devils-heaven.com/facebook-access-tokens/

Answer 2

If its access to the Graph API that you need, you can call into the Graph API without the need for an App Access token anyways. As mentioned by Facebook:

There is another method to make calls to the Graph API that doesn't require using a generated app token. You can just pass your app id and app secret as the access_token parameter when you make a call: http://graph.facebook.com/endpoint?key=value&access_token=app_id|app_secret The choice to use a generated access token vs. this method depends on where you hide your app secret.

You can read more about this here:

https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens