Home/ Questions/Q 8105375
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-06T00:08:49+00:00

I’m trying to figure out how my iOS app should work after Facebook make

  • 0

I’m trying to figure out how my iOS app should work after Facebook make
the offline_access permission deprecated. Docs are unclear and I read
them all a couple of times.

What I’m trying to do is:

  1. I authorise my iOS app with FB:

    [_facebook authorize: [NSArray arrayWithObjects: @"email", @"publish_stream", @"user_birthday", nil]];

  2. Then, I request the "me" from graph API to get the FB ID cause I need
    it:

    [_facebook requestWithGraphPath: @"me" andDelegate:self];

  3. Then in:

    -(void)request: (FBRequest*)request didLoad: (id)result

I check the expiration date of the token 

if ([_facebook.expirationDate timeIntervalSinceNow] < 60*60*24) // 1 day 
{ 
   [self extendAccessTokenWithAppID:kFacebookAppID 
                          appSecret:kFacebookAppSecret     
                      existingToken:_facebook.accessToken]; 
}

My method that extends the token simply contacts the endpoint which is
described in the docs I mentioned at the beginning.

-(void)extendAccessTokenWithAppID:(NSString*)appID appSecret:(NSString*)appSecret existingToken:(NSString*)existingToken 
{
      NSString *requestString = [NSString stringWithFormat:@"oauth/access_token?client_id=%@&client_secret=%@&grant_type=fb_exchange_token&fb_exchange_token=%@", appID, appSecret, existingToken];

      [_facebook requestWithGraphPath: requestString andDelegate: self]; 
}

I handle the response in 

- (void)request: (FBRequest*)request didLoad: (id)result

but what I get is always the same token and the same expiration date that I passed to the endpoint. The expiration date is never extended and is just a short 1-2 hours (normal for short lived
access token). This means that the token was not extended.

I have Remove offline_access permission set to Disabled.

Do you know what can be wrong in my approach? Thanks for any help!

P.S
I found similar questions on StackOverflow but none of the answers is working for me, e.g.
Access Token expire time with offline_access permission

Update:

Enabling the Remove offline_access permission makes FB return only long lived tokens. I tested this by creating a new FB account and logging with this account in my app. I was given the long lived token straight away.

With Remove offline_access permission disabled FB gives me only short lived access tokens, even if I try to extend the short lived token using the endpoint provided in the docs. The endpoint returns same token with the same expiration date.

The crucial problem is that I cannot test the scenario when FB gives me short lived access token and I contact the endpoint to extend it to be long lived access token. Seems like FB developers are not ready for the feature they want to introduce.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Things to check which could be causing you problems here

    1. You have disabled offline_access in the advanced settings of your app
    2. You’re using the most recent copy of the SDK. It’s currently unversioned, but older copies won’t support the access token extension
    3. You’ve configured SSO per the instructions in the docs
    4. You’ve waited until a user’s token expires entirely – you may be getting ‘new’ short tokens because you’re retrying, but once the token expires entirely, you should get a longer token the next time the user comes back
    • 0