With offline_access Deprecation Enabled, Still Receiving 2 hour tokens from Server Side OAuth Call

Hopefully we should all know that while we have still having the offline_access permission available, the access token that we obtained normally is a short-lived one.

Wit offline_access deprecated, by default (as according to Facebook’s documentation), we should have received a token that is to be expired only after 60 days by doing a server side OAuth.  However, at the early time of the migration process, it had been reported and confirmed that the token received was still a short-lived one.  We had to exchange the code with Facebook server again so as to get a 60-day expiry date token.

bug report was opened by someone earlier. It is claimed to be fixed on this Thursday (i.e. 2 days ago).

However, I just tested that by using my own application and found that the access token obtained via performing server side OAuth is still a short-lived one.  My app is written by using the PHP SDK and server side OAuth is performed.  So, it seems to me that the problem is not fixed – at least not completely.

Any of us can see the same result as mine?

About takwing

A moderator of the Official Facebook Developer Forum. http://www.takwing.idv.hk/tech/fb_dev/index.php
This entry was posted in Authentication and tagged . Bookmark the permalink.

One Response to With offline_access Deprecation Enabled, Still Receiving 2 hour tokens from Server Side OAuth Call

  1. Alex says:

    You can easily extend the token to get one that expires after 60 days : http://developers.facebook.com/docs/howtos/login/extending-tokens/

Leave a Reply

Your email address will not be published. Required fields are marked *