APP_ID

APP_SECRET

ACCESS_TOKEN

Access token (short-lived or long-lived) obtained through Authorization Flow

POST_ID

TIMESTAMP

INPUT_TOKEN

Access token (short-lived or long-lived) associated with YOU, the Facebook App owner

OWNER_ACCESS_TOKEN

Owner's access token (short-lived or long-lived) obtained

CREATED_TIME

Facebook’s Graph API is the central means for programmatic access to Facebook data.  It is the entry point for reading and writing to Facebook’s “social graph”. 

This course begins with a discussion of the major concepts of the Facebook Graph API. You will learn basic concepts like authentication, authorization, and access tokens. Then, you will build out your mini-project step by step by deploying the "Login with Facebook"  web page. By the end, you will have a thorough understanding of how to build API integrations in your own projects.

Facebook Login and the Facebook Graph API

# The next step in the flow: the access token

In the last lesson, we walked through the Facebook authorization flow. Just before that, we had set up our "Login with Facebook" button, which is the starting point for your users in going through the flow. At the time, you clicked on the "Login with Facebook" button, and you logged in with your Facebook credentials and saw some JSON data output to the screen, with an `accessToken` included in it.

Now that we have walked through the authorization flow, you see why getting that `accessToken` is an important step for moving along in this flow.

# Authorization flow: You are here.

You will recall from our diagram of the Facebook authorization flow in the previous lesson that we (Facebook) have just redirected our user back to our Facebook app, and handed our app an access token. The diagram below shows the step in the flow where we are.

Alice->Taco Inspirations: User visits the Login page
Taco Inspirations->Alice: Initial interactions and Redirect to Facebook
Alice->Facebook (Authorization):Clicks to authorize
Facebook (Authorization)-->Taco Inspirations:YOU ARE HERE: Redirects Alice back, with short-lived access token
Taco Inspirations->Facebook (Authorization):Uses short-lived token to request long-lived token

What you are (figuratively) holding in your hand is an access token, but it is the **short-lived** access token. In the typical OAuth2 flow &mdash; and you can see this in the diagram above &mdash; our next step would be to make a request to the Facebook Graph API to exchange this short-lived access token for a long-lived token.

But actually, you _don't_ have to if you don't want to.

Understand the details of the short-lived access token with "Login with Facebook".

__default

Examining the Short-Lived Access Token

The next step in the flow: the access token

Authorization flow: You are here.