Auth.createToken
From Facebook Developer Wiki
Contents |
Description
Creates an auth_token to be passed in as a parameter to login.php and then to auth.getSession after the user has logged in. The user must log in soon after you create this token.
Important: This method is intended for desktop applications only, not for applications that run in a Web browser.
Parameters
| Required | Name | Type | Description | |
| required | api_key | string | The application key associated with the calling application. | |
|---|---|---|---|---|
| sig | string | An MD5 hash of the current request and your secret key, as described in the How Facebook Authenticates Your Application. | ||
| v | string | This must be set to 1.0 to use this version of the API. | ||
| optional | format | string | The desired response format, which can be either XML or JSON. (Default value is XML.) | |
| callback | string | Name of a function to call. This is primarily to enable cross-domain JavaScript requests using the <script> tag, also known as JSONP, and works with both the XML and JSON formats. The function will be called with the response passed as the parameter. |
Example Return XML
<?xml version="1.0" encoding="UTF-8"?>
<auth_createToken_response
xmlns="http://api.facebook.com/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.facebook.com/1.0/http://api.facebook.com/1.0/facebook.xsd">
3e4a22bb2f5ed75114b0fc9995ea85f1
</auth_createToken_response>
Example Return JSON
"3e4a22bb2f5ed75114b0fc9995ea85f1"
Error Codes
| Code | Description | |
| 1 | An unknown error occurred. Please resubmit the request. | |
|---|---|---|
| 2 | The service is not available at this time. | |
| 4 | The application has reached the maximum number of requests allowed. More requests are allowed once the time window has completed. | |
| 5 | The request came from a remote address not allowed by this application. | |
| 101 | The API key submitted is not associated with any known application. | |
| 104 | Incorrect signature. |
Notes
- This function does not require a
session_keyorcall_id. However, specifying acall_iddoes not cause any problems. The values returned from this call can be stored, but expire on their first use in auth.getSession.
