Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
If a user gives my app the offline_access permission, approximately how long will the OAuth token last for? The documentation simply says:
“By default, most access tokens expire after a short time period to ensure applications only make requests on behalf of the user when the are actively using the application. This permission makes the access token returned by our OAuth endpoint long-lived.”
How long specifically would this token last for? Would it be active 24 hours later?
If I recall correctly, the access token returned when requesting the offline_access permission will remain valid until the user revokes the offline_access extended permission from the application, or the user specifically removes the application. Effectively making it a permanent token.
However, this should always be taken with a grain of salt. Facebook allows themselves the freedom to be able to change their policies at anytime and the ‘long-lived’ wording of the description allows them to invalidate the token at any time. It is recommended that your application handles the scenario of the token becoming invalid as it will cover the user removing application access and the token being invalided for some other reason.