3

Our app does not have a Facebook login. We have our own login that does not tie to Facebook login any way.
Our server uses a never expire token to make api calls (server to server) as majority of the calls will need to update/manipulate things in our db

However, for some instances it will be beneficial if from our server we can pass our client a "short-lived" token to the web client (UI) which then can use the token to call the Facebook graph api directly in these cases.
We found a way to create a long lived token from a long lived token and pass it along the UI but we would prefer if the token expires quickly so that it minimizes the token theft and unintentional use of our ad accounts using a long lived token from a web browser.

So is it possible to generate short lived token from a system/never expire token to pass it down to UI to make graph api calls or to expire a long lived token, in a way that it does not affect other tokens? Currently it seems when we expire a token, it expires all token within that app.

Nakilon
  • 34,866
  • 14
  • 107
  • 142
Bhavin
  • 427
  • 3
  • 15
  • There is no way to generate short-lived tokens from long-lived ones. But if you embed the JS SDK, it will automatically see to it that you always have a short-lived token on the client, as long as the user is using the web app. – CBroe Feb 06 '17 at 09:05
  • Is there any pointer backing the comment? Haven't found any official docs. – Hille Oct 08 '18 at 19:36

0 Answers0