Home/ Questions/Q 7503955
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T21:24:20+00:00

Why do I need to obtain an access token? Also, should I store this?

  • 0

Why do I need to obtain an access token? Also, should I store this? Would I need to get other information? For example, facebook as appId and ApiSecret. What is the benefit of getting these? Also, should I store any of these?

If I store these into mysql when user logs into do I need the user to check against it? before logging in? I don’t understand if this makes sense because first time users don’t have these information?

Would these expire? So would I have to constantly check and replace my old one when user logs in? or if they keep coming to my page?

I’m currently messing around with facebook’s php sdk and I don’t have any of these in my sql yet, but I’m able to still build an input field on my page and pass it into my facebook’s feed. I’m able to get user’s information and other stuff, but why would I need access token/appid/apisecret?

Thanks! I’m so confused!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    1.Why do I need to obtain an access token?

    access tokens are proofs that you application has required permissions to use currently logged on users information.

    2.should I store this?

    Not required .your SDK will automatically obtain them with your appid when user will connect to your application using facebook.

    3. Would I need to get other information( facebook as appId and ApiSecret)?

    Yes,They are required for facebook to autenticate your app.You need to initialize your SDK with theese.

    4.If I store these into mysql when user logs into do I need the user to check against it? before logging in?

    After you initialize your app with APP ID and SECRET .you can get the id of the current facebook user
    You can save in your database
    FacebookID->UserID for your users in your website.

    If current FacebookID matchs with your users s in your website. you can log them in else redirect to registration form

    5.Would these expire?
    That would be handled by SDK.You only need to check if the currently logged in facebook user is user for your site.APPID and APPSECRET dont expire.

    6.why would I need access token/appid/apisecret?
    Because OAuth 2.0 involves three different steps: user authentication, app authorization and app authentication.
    Refer https://developers.facebook.com/docs/authentication/

    • 0