Facebook is going to Deprecate the Offline Access Extended Permission

Facebook is going to Deprecate the Offline Access Extended Permission!

Just in case you don’t know, to have your apps or web sites to interact with Facebook on behalf of the user, we need an access token.  That token, be default, is get expired.  In order to get Access_tokens that will not get expired, you need to obtain from user the offline access extended permission.

Now, Facebook announces that they will deprecate the offline access permission.  According to Facebook,

While we are deprecating the use of the offline_access permission, through a migration setting in the Developer App, we are now allowing the option to reset the expiration time for existing, valid access_tokens each time a user interacts with your site.

Basically, the new access token will have a 60-day expiry time.  And you have to extend that if needed.  The method of extending the life time of an access token depends on whether you obtained that at the server side or at the client side.

It seems that Facebook tries to protect the users by ensuring that apps or websites won’t get a never-expired access token.  However, the consequence of making this move (granting token with a default of 60-day expiry time) may do more harm than help!

For details, please refer to https://developers.facebook.com/docs/offline-access-deprecation/.

About takwing

A moderator of the Official Facebook Developer Forum. http://www.takwing.idv.hk/tech/fb_dev/index.php
This entry was posted in news and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *