When do I need to use the access token stored in my database?
- This access token is a user access token.
- It seems like the PHP SDK does a pretty good job of getting an access token on it’s own. Though this looks like it’s handled through a Session.
— What if the Session gets wiped somehow?
— Should I provided a link?
— Or should/can I automate this somehow? - I am new to Facebook’s Open Graph API.
- I am using the Facebook PHP SDK.
I also got a little confused with the docs on Facebook and implementing the PHP SDK. After spending a decent amount of time mixing and adapting the two I realized that almost all examples in the docs are a part of the PHP SDK. Hence my above question.
There is no real reason you need to store a users
access_tokenin your database. Chances are the next time you come to use it – it’ll be invalid already. They only last for an hour or two in my experience. Officially, the documentation states :There is no concrete time period of how long a (normal) token can be valid so there would be no reason to store it. If you wanted to have an exhaustive log of all transactions with the API you could store the token as a reference – but that is overkill IMO…
The only reason to store your tokens at all would be if you are dealing with extended access_tokens. If you are looking into that field, I can recommend this post –
” http://facebook.stackoverflow.com/questions/8982025/how-to-extend-access-token-validity-since-offline-access-deprecation “. It seems to be the most comprehensive post dealing with extending the validity of an access_token. You’ll want to do this if you want to make calls to the Graph API on behalf of the user when s/he is not necessarily connected to your application (or logged into Facebook at all for that matter – don’t know if I like that at all…)