I have set scopes as follows:
openid profile
offline_access
User.Read Mail.ReadWrite
Mail.Send
Calendars.ReadWrite
Contacts.Read
I want a permanent access token so that I don't need to login again and again.
Help me out, how can I use a token in the login api to get permanent access?
Thanks in advance.
Graph API provides two authentication flow:
1. Get access on behalf of a user
2. Get access without a user
If you want to run the Outlook API in background service(not all app need user signed-in, based on actual demand), you can use the authentication flow #2. By using this way, end user do not need to request Token explicitly, so it look like permanent access token, until the Microsoft/Azure need the admin consent again.
If you want to run the Outlook API just for signed-in user, you can use the authentication flow #1. After get an access Token, store the access Token and Refresh Token in the Token-cache and use the refresh Token to request new Token while the access token lifetime expires. If both access/refresh token have expired, the user need to sign-in again to re-grant permission.
Related
May i know how to get refresh token for my account ,If i have refresh token using that how could access my new access token.
Have a look at the Graph API documentation, it show you how to use the OAuth2 authentication to login to your app, and get a refresh token.
https://graph.microsoft.io/docs/authorization/app_authorization
You still have to write your own http request to get the access token, but that should be pretty straight forward.
We can get access and refresh token without registering Azure AD portal and without providing credit card details.
Please set "offline_access" as part of "scope" which will return access token and refresh token.
More detail refer here OAuth2 at Microsoft
I want Permanent access token for Instagram so that my Customers doesn't need to login again and we should be able to access the user account using Access token directly.
Is it possible to do that ?
Please suggest me the best way.
You can ask user to login for the first time. upon his successful login, save the access token returned by the Instagram API. Use this access token to send signed requests to Instagram API.
Hope this will help.
I have offline access the instagram REST API,
But expire the instagram access token.
How do I get an Instagram permanent access token using REST API in PHP?
(or)
How do I get an Instagram access token without user login ?
Thanks Advance...!!!
How do I get an Instagram permanent access token using REST API in PHP?
From the API docs:
Note that we do not include an expiry time. Our access_tokens have no explicit expiry, though your app should handle the case that either the user revokes access or we expire the token after some period of time.
So all Instagram access tokens are "permanent" until either the user or Instagram expires it.
How do I get an Instagram access token without user login ?
You shouldn't be able to, because that would mean a security breach. If I revoke the token I authorized you to have, you shouldn't be able to just get a new one without my approval.
When my callback URL it's called by facebook, I'm getting a new access token:
$this->facebook->getAccessToken();
But, the generated access token is invalid. I noticed that the generated token it's my APP_ID|APP_SECRET
How can I generate a valid access token to use on a RTU? (I want to get the user's wall).
if you are receiving RTU from facebook and want to get information from graph api your server side previously should store long-term access_token for user. And this access_token should have correct permissions.
So the flow is next:
User loged-in to your app.
Your server should store long-term access_token from here
Your server receives RTU from facebook, where you are using previously saved long-term access token for creating session for requests.
It won't work in another way.
I need help with Facebook OAuth. I am trying to make a facebook news feed gadget for my webpage. What I did is, I created a facebook login page, got the verification code, and then got the access token. There is an expiry parameter in the access token.
My question is, what happens when the token gets expired? Does it become a new token person logs in again. I want to store it in a database, so I can access it anytime I navigate through the webpage.
If I use the access token, will it still get expired? Or does it expire if its not been used for the given expiration time?
The answer to your initial question, is that an access token is only valid whilst the user is logged in. So yes, a new access_token will need to be retrieved every time they log in to your site. This is detailed in the authentication flow documentation.
In order to get an access token which is does not have an expiry (or has a long validity period), you will need to get the user to authorise the offline_access. This should be set in your scope.
Here's a description of the offline_access permission from this documentation:
offline access - Enables your app to perform authorized requests on behalf of the user at any time. By default, most access tokens expire after a short time period to ensure applications only make requests on behalf of the user when the are actively using the application. This permission makes the access token returned by our OAuth endpoint long-lived.
This will not however, give you access forever. If the user changes their password, or deauthorises your application, you will need to get the user to reauthorise it to get a new access_token. If you try to use an out of date access token, an error message will be returned. That's why it's important to have a flow which will allow for such eventualities.
From my knowledge you can achieve this by asking for access my information anytime permission (offline_access) while a user does fconnect.
For Detail information please refer
For Permissions: http://developers.facebook.com/docs/reference/api/permissions/
For expired Token: http://developers.facebook.com/blog/post/500/