How to verify Facebook access token

Question

There s only thing that server has to do  just check any access token s validity   Clients send to the server user id and access token obtained by FB getLoginStatus  As I expected  there would be any URL that checks access token s validity  like http   xxx facebook com access token  xxxxxxxxxxxxxxxxxxxxxxxxxxxx   That returns whether it s available one or not or is there any API  server side  for that

User · Answer

Simply request  HTTP GET    https   graph facebook com USER ID access token xxxxxxxxxxxxxxxxx   That s it

User · Answer

The officially supported method for this is   GET graph facebook com debug token       input token  token-to-inspect        amp access token  app-token-or-admin-token    See the check token docs for more information   An example response is          data              app id   138483919580948            application    Social Cafe             expires at   1352419328            is valid   true            issued at   1347235328            metadata                  sso    iphone-safari                       scopes                  email                 publish actions                       user id   1207059

User · Answer

The app token can be found from this url    https   developers facebook com tools accesstoken

User · Answer

Just wanted to let you know that up until today I was first obtaining an app access token  via GET request to Facebook   and then using the received token as the app-token-or-admin-token in   GET graph facebook com debug token      input token  token-to-inspect       amp access token  app-token-or-admin-token    However  I just realized a better way of doing this  with the added benefit of requiring one less GET request    GET graph facebook com debug token      input token  token-to-inspect       amp access token  app id   app secret    As described in Facebook s documentation for Access Tokens here

User · Answer

You can simply request https   graph facebook com me access token xxxxxxxxxxxxxxxxx if you get an error  the token is invalid   If you get a JSON object with an id property then it is valid   Unfortunately this will only tell you if your token is valid  not if it came from your app

User · Answer

I found this official tool from facebook developer page  this page will you following information related to access token - App ID  Type  App-Scoped User last installed this app via  Issued  Expires  Data Access Expires  Valid  Origin  Scopes  Just need access token  https   developers facebook com tools debug accesstoken

User · Answer

Exchange Access Token for Mobile Number and Country Code  Server Side OR Client Side   You can get the mobile number with your access token with this API https   graph accountkit com v1 1 me  access token xxxxxxxxxxxx   Maybe  once you have the mobile number and the id  you can work with it to verify the user with your server  amp  database     xxxxxxxxxx above is the Access Token  Example Response          id    61940819992708       phone            number     91XX82923912          country prefix    91          national number    XX82923912             Exchange Auth Code for Access Token  Server Side   If you have an Auth Code instead  you can first get the Access Token with this API - https   graph accountkit com v1 1 access token grant type authorization code amp code xxxxxxxxxx amp access token AA yyyyyyyyyy zzzzzzzzzz  xxxxxxxxxx  yyyyyyyyyy and zzzzzzzzzz above are the Auth Code  App ID and App Secret respectively   Example Response        id    619XX819992708       access token    EMAWdcsi711meGS2qQpNk4XBTwUBIDtqYAKoZBbBZAEZCZAXyWVbqvKUyKgDZBniZBFwKVyoVGHXnquCcikBqc9ROF2qAxLRrqBYAvXknwND3dhHU0iLZCRwBNHNlyQZD       token refresh interval sec   XX92000     Note - This is preferred on the server-side since the API requires the APP Secret which is not meant to be shared for security reasons   Good Luck

[facebook] How to verify Facebook access token?

Examples related to facebook