
I am writing Facebook login for my site.I am using Javascript Sdk,but I don't understand one thing.

  function fbLogin() {
   FB.login(function(response) {
   if (response.authResponse) {
    var token=response.authResponse.accessToken;
     FB.api('/me', function(response) {

       $.get('main/check_facebook_status/'+token,function(data) {
            if (data == "true") {

   } else {
     console.log('User cancelled login or did not fully authorize.');
 }, {scope: 'email, publish_stream'});

Can I trust he access token(response.authResponse.accessToken) for identify the user ? Can facebook change the access token ? If changes the access token how can I identify the user ?

Ps:Sorry for bad english

도움이 되었습니까?


Can I trust he access token(response.authResponse.accessToken) for identify the user?

Of-course yes!

Can Facebook change the access token ?

Nope. But it expires after 2 hours, so you have to get the token again. If you want to use this token in future; you can extend the life of the token to 60 days.

You can read more about access tokens here.


The token also becomes invalidated in the following cases-

  • User changes the password
  • User de-authorizes the app
  • User removes the app
라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top