I work on a project that has facebook pages as one of its data sources. It imports some data from it periodically with no GUI involved. Then we use a web app to show the dat
Following the instructions laid out in Facebook's extending page tokens documentation I was able to get a page access token that does not expire.
I suggest using the Graph API Explorer for all of these steps except where otherwise stated.
If you already have an app, skip to step 1.
You don't need to change its permissions or anything. You just need an app that wont go away before you're done with your access token.
The token that appears in the "Access Token" field is your short-lived access token.
Following these instructions from the Facebook docs, make a GET request to
https://graph.facebook.com/v2.10/oauth/access_token?grant_type=fb_exchange_token&client_id={app_id}&client_secret={app_secret}&fb_exchange_token={short_lived_token}
entering in your app's ID and secret and the short-lived token generated in the previous step.
You cannot use the Graph API Explorer. For some reason it gets stuck on this request. I think it's because the response isn't JSON, but a query string. Since it's a GET request, you can just go to the URL in your browser.
The response should look like this:
{"access_token":"ABC123","token_type":"bearer","expires_in":5183791}
"ABC123" will be your long-lived access token. You can put it into the Access Token Debugger to verify. Under "Expires" it should have something like "2 months".
Using the long-lived access token, make a GET request to
https://graph.facebook.com/v2.10/me?access_token={long_lived_access_token}
The id
field is your account ID. You'll need it for the next step.
Make a GET request to
https://graph.facebook.com/v2.10/{account_id}/accounts?access_token={long_lived_access_token}
The JSON response should have a data
field under which is an array of items the user has access to. Find the item for the page you want the permanent access token from. The access_token
field should have your permanent access token. Copy it and test it in the Access Token Debugger. Under "Expires" it should say "Never".