I have an access token that I stored – I want to use it to post to facebook on behalf of the user. Is there any way to validate that the token is still valid before letting the user post so that I can pop the challenge UI again?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have an access token that I stored – I want to use it to post to facebook on behalf of the user. Is there any way to validate that the token is still valid before letting the user post so that I can pop the challenge UI again?
Are you requesting offline_access? If not, the token will expire, but querying for the token should return the expiration date. You can check it on your side before making the call.
Validating the user has not removed permissions or validating offline_access I believe would require hitting the Facebook servers. I would just try the post and handle the error if it fails. It’s probably more likely than not that the token is valid.
By checking before every call, you are incurring a significant penalty (double the work) to handle the infrequent case. You’d still have to prompt them anyway if the access token is invalid, so I’d just handle the error and prompt after.
Besides, you still have to handle the error anyway, since there is a race condition. You can check the access_token, but in the time between checking and posting, the token could become invalid.