What is different between client-side and server-side in Facebook Authentication?

Question

Facebook Platform supports two different OAuth 2.0 flows for user login: server-side (known as the authentication code flow in the specification) and client-side (known as the implicit flow). The server-side flow is used whenever you need to call the Graph API from your web server. The client-side flow is used when you need to make calls to the Graph API from a client, such as JavaScript running in a Web browser or from a native mobile or desktop app.

But, what is difference between server-side and client-side authentication. Because when I use the signed_request which get using JS API and pass it to server, sometimes it is expired.

FB.getLoginStatus(function(response){
    if (response.authResponse && response.authResponse.signedRequest)
    {
        $.get(url,{
                'signed_request':response.authResponse.signedRequest
            },
            function(data){
                //The server response that the signed_request is expired.            
            }
    }
});

Possible duplicate of [When should the server-side vs. client-side Facebook authentication flows be used?](https://stackoverflow.com/questions/8142717/when-should-the-server-side-vs-client-side-facebook-authentication-flows-be-use) — charsi, Sep 15 '17 at 08:28

What is different between client-side and server-side in Facebook Authentication?

0 Answers0