Okk, “moment de verite”, Facebook offline_access extended permission has been on 5th December 2012. Why? I don’t know but if I ask myself, I think its mainly because of security or abusive use.
So, what happens to those who are currently using Facebook offline_access extended permission?
<h2>How is it now?</h2>
Though there is no longer offline access, there is the capability to extend short lived session. Facebook automatically renews short lived session I think every 1 to 2 hours but if you want to use the access token for longer period, ensure that you renew it. So, yeah, for now, to confirm, long-lived session are for 60 days while short-lived one are for 1-2 hours.
for those who were not using the extended permission offline_access, you have no changes to make to your application. But application using offline_access will have to add some chunks of code for new users. If you were using offline_access extended permission, this will no longer be asked in the application login dialog box when the user uses your application. For new users, you’ll get a short-lived token which you will use to extend to get a long-lived one. Now, if you try to extend a token which already a long-lived one, you may get the same token or a token with a longer expiration time.
To get a long-lived session, just make a call on this URL with the required parameters replaced,
https://graph.facebook.com/oauth/access_token?
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN
So, it make sense for you to have a short-lived token before submitting the above request
Further information goes here:)
1. http://developers.facebook.com/roadmap/offline-access-removal/
2. http://developers.facebook.com/docs/howtos/login/extending-tokens/
3. http://stackoverflow.com/questions/10487049/facebook-long-lived-and-short-lived-access-tokens-and-their-expirancy-after-off