skfbalbums - Show Facebook Image Albums on your TYPO3 Site

Create Facebook Access Token

Before the Cambridge Analytica incident in Spring 2018, it was sufficient to create a simple Facebook App in order to use this extension and retrieve photos from any public Facebook page. This stopped working and now you need to get a special access token using a Facebook App that has been reviewed by Facebook

In case you do not want to go through the App Review process, you can create a Facebook App in development mode and create a page access token for a Facebook Page using a Facebook user that is an administrator of the page and also an administrator or developer or tester of the Facebook App.

The steps below describe the process of creating such an app and then getting a non expiring access token for a specific page.

At the end of this process, you will have your page id and the page access token. You use this data with the TYPO3 extension to create a Facebook Page Token record.

Create Facebook App

  1. Login to facebook with a user that is an admin of the page you want to retrieve photos from
  2. Go to https://developers.facebook.com/apps, create an app (choose the www option), and leave the app in development mode
  3. Write down the app_id and the app_secret of your app from the settings->basic screen
  4. Add the "facebook login product" (choose www option) to the app and in the settings of the "facebook login product", make sure that "Client OAuth Login" is enabled

Get never expiring access token

  1. visit to https://developers.facebook.com/tools/explorer/
  2. select the app you created on the top drop down
  3. click on the get token drop down. If your page shows up in the list, select your page. Otherwise click on the "get page access token" option and follow the instructions (basically select the page you are interested in and ignore any warnings)
  4. in the access token field, the access token for you page should be displayed. Copy it
  5. visit https://developers.facebook.com/tools/debug/accesstoken and paste the access token you copied into the text field. Then click on the Debug button. You will see that this access token expires.
  6. at the bottom of the information displayed, click on the "extend access token" button
  7. a new access token will be displayed. Click on the debug button next to the new access token. The debuger page will open up with the new token prefilled in. Copy it.
  8. the access token from the last step never expires. You can use it only with the page you selected in the first steps

From this last step, you have the access token for a specific page to use in the extension. You will also need the page id of your page. On Facebook, in the about page of your page, the page id should be displayed at the bottom of the page (remember: you must be and administrator of the page)

Older instructions for getting the page access token through a user access token. Not needed anymore

  1. Go to https://developers.facebook.com/tools/explorer/ and select the facebook app from the Application select box.
  2. From the "get token" select box, select "get user access token". From the displayed check boxes, check "manage_pages" and click "Get access token". Ignore the warning and continue with the authentication process.
  3. Copy the generated access token. This token is a short lived access token (valid for about an hour). You can check it at https://developers.facebook.com/tools/debug/accesstoken/)
  4. Use your browser to make a request at the following URL, replacing {app_id} and {app_secret} with the values from your app, and {short_lived_token} with the access token you have just generated 
    https://graph.facebook.com/v3.2/oauth/access_token?grant_type=fb_exchange_token&client_id={app_id}&client_secret={app_secret}&fb_exchange_token={short_lived_token}
  5. You will see a text response with a new access token. Copy it. This is a long lived access token, valid for about 2 months (you can check it again at https://developers.facebook.com/tools/debug/accesstoken/)
  6. Use your browser again and make a request to the folloing URL, replacing {long_lived} with the long lived access token you have just generated 
    https://graph.facebook.com/v3.2/me?access_token={long_lived}
  7. You will see a text response, that includes an id. Copy this id
  8. Use your browser again and make a request to the following URL replaceing {id} with the id you copied from the previous step, and {long_lived} with the long lived access token you got from step 5 
    https://graph.facebook.com/v3.2/{id}/accounts?access_token={long_lived}
  9. You will see a text response containing access tokens from every page and app you own. Find the page you want to retrieve photos from, and copy the access token and the page id (be aware that 2 ids for each entry are shown. Use the correct one!). This is a never expiring access token (you can check it again at https://developers.facebook.com/tools/debug/accesstoken/). You will use this token and page id in TYPO3