Auth.createToken
From Facebook Developer Wiki
Contents |
Description
Creates an auth_token to be passed in as a parameter to login.php and then to auth.getSession after the user has logged in. The user must log in soon after you create this token.
Important: This method is intended for desktop applications, not for Facebook canvas page applications. However, desktop applications that use Facebook Connect for authorization should not use this method. See Authorization and Authentication for Desktop Applications for details.
Parameters
| Required | Name | Type | Description | |
| required | api_key | string | The application key associated with the calling application. If you specify the API key in your client, you don't need to pass it with every call. | |
|---|---|---|---|---|
| sig | string | An MD5 hash of the current request and your secret key, as described in the How Facebook Authenticates Your Application. Facebook computes the signature for you automatically. | ||
| v | string | This must be set to 1.0 to use this version of the API. If you specify the version in your client, you don't need to pass it with every call. | ||
| optional | format | string | The desired response format, which can be either XML or JSON. (Default value is XML.) | |
| callback | string | Name of a function to call. This is primarily to enable cross-domain JavaScript requests using the <script> tag, also known as JSONP, and works with both the XML and JSON formats. The function will be called with the response passed as the parameter. |
Example Return XML
<?xml version="1.0" encoding="UTF-8"?>
<auth_createToken_response
xmlns="http://api.facebook.com/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://api.facebook.com/1.0/http://api.facebook.com/1.0/facebook.xsd">
3e4a22bb2f5ed75114b0fc9995ea85f1
</auth_createToken_response>
Example Return JSON
"3e4a22bb2f5ed75114b0fc9995ea85f1"
Error Codes
| Code | Description | |
| 1 | An unknown error occurred. Please resubmit the request. | |
|---|---|---|
| 2 | The service is not available at this time. | |
| 4 | The application has reached the maximum number of requests allowed. More requests are allowed once the time window has completed. | |
| 5 | The request came from a remote address not allowed by this application. | |
| 101 | The API key submitted is not associated with any known application. | |
| 104 | Incorrect signature. |
Notes
- This function does not require a
session_keyorcall_id. However, specifying acall_iddoes not cause any problems. The values returned from this call can be stored, but expire on their first use in auth.getSession.
