art & design by sambaneko

Follow @
  • DeviantART
  • Tumblr
  • Twitter
  • Facebook

Setting up Permissions and Obtaining a Page Access Token for Facebook API Usage - Again

This is an update to my previous informational guide, which I said I'd update when it stopped working for me.  Well, that time has come!

I'm going to have to preface this with the reality that this approach is effectively broken by Facebook's latest permission policies. In order to manage your Page via API, you must create and acquire permissions through a Facebook App. While your app is in Development Mode, you will have full access to page management permissions, but any content that you create will not be publicly visible. If you switch your app to Live Mode, the content you created in Dev will become visible, but your page management permissions will be revoked unless and until you complete Facebook's App Review process. Facebook acknowledges the scenario where App Review is unnecessary - "If your app will only be used by app users who have a role on the app itself, App Review is not required" - but this is insufficient for publishing content to a public audience.

So it seems that there is this lousy workaround: put your App in Development Mode, use your permissions to post content, put your App into Live Mode to reveal your content to the public... then put it back into Dev again. This is very much a pain, and I'm hoping I'll find a better solution... In the meantime, I'll leave this info here for what help it may provide.

As before, this guide is intended for developers who want to build simple PHP API functionality to connect to your own Facebook Pages for publishing updates and content.  I don't want any user data, I just want to send my art over to a Facebook Page for my site - if that sounds like your intended usage too, then read on!


The PHP SDK requires 4 pieces of data to successfully interact with your Page through the API:

The first two can be found in the App Dashboard, under Settings > Basic. Your Page ID is located at the bottom of the "About" tab on your Page.

To obtain a sufficient access token, your App needs to be granted some permissions in order to manage your page content. Go to Facebook's Graph API Explorer, and in the right side column, under the "Access Token" heading, your App should be listed in the "Facebook App" drop down.

In the "User or Page" drop down, select "Get Page Access Token," and a pop-up prompt will direct you to select which of your Pages to use with your App, and to enable minimum permissions ("pages_show_list" and "pages_read_engagement") for it.

There's one more that you'll need, so in the "Add a Permission" drop down, select "pages_manage_posts", and then click the "Generate Access Token" button, which will take you through the pop-up process again to add the new permission.

Now you have an access token with the appropriate permissions, but it will only last for the default timespan of one hour. To lengthen its life, click on the blue info icon to the left of the Access Token value, and in the resulting pop-up, click on the "Open in Access Token Tool" button.  This page shows you info about your Access Token, including an "Expires" value.

At the bottom of the page, click on the "Extend Access Token" button, which will give you a new Access Token value.  Click on the "Debug" button to the right of the new token, you should now see that the "Expires" value is "Never."  Paste this Access Token value into your SDK code where you establish a FacebookSession. You should now be able to POST to API endpoints with your Page ID.

If you receive an error regarding the "App Secret Proof," check that "Require App Secret" is set to "No" in your App Dashboard, under Settings > Advanced.  And add the following line to your code prior to making a request:

June 1, 2021

Web Development PHP Facebook API


Return to Top