Offline access

Sep 8, 2008 at 3:56 PM

As you no doubt know, the new Facebook profile changes are coming in any time now with the associated abandoning of infinite sessions.  From my reading of the Facebook forums and the developer's site it seems that the 'offline access' extended permission is the thing that's going to replace infinite sessions.

My query is related specifically to desktop apps.  Infinite sessions/offline access is essential in order to prevent a user having to login to your app everytime they use it, but according to the Facebook developer's site (and I've confirmed this) the offline access extended permission cannot be granted through the authorize.php page.  If this is the case the FDK cannot be used to grant this permission simply by calling FacebookService.GetExtendedPermission().  So how does a desktop app grant 'offline access', which clearly it would need to give anything like an acceptable user experience?

Any insights would be appreciated.

Sep 9, 2008 at 8:47 AM
might be worth looking into the changes to session requirements for the new api, many of the api calls no longer require a session to be called: http://wiki.developers.facebook.com/index.php/New_Design_Platform_Changes#Changes_to_Session_Keys 
Sep 9, 2008 at 9:11 AM
Unfortunately for desktop apps, it seems that a session key is always required:

http://wiki.developers.facebook.com/index.php/Category:Session_Required_API
http://wiki.developers.facebook.com/index.php/Category:Sessionless_API
http://wiki.developers.facebook.com/index.php/Category:Session_Optional_API
Sep 9, 2008 at 11:43 AM
ah, shame. I had been wondering the same thing myself. updated a console app from 1.7 to 2.0 toolkit. Runs once a day, currently logs into FB with an infinite session key, so I'll keep an eye on this, and report back if I find anything useful!
Sep 9, 2008 at 1:11 PM
From what I've read I think existing infinite sessions will be ok because, for those users who have them, they will automatically be granting offline access as a result of the migration over to the new Facebook profiles and therefore be able to continue using the saved session details.  The issue really is for new users of a desktop app and how they go about granting the offline access permission.  However, if you notice any problems with your infinite sessions please let us know.  Thanks.
Sep 9, 2008 at 1:49 PM
Edited Sep 9, 2008 at 1:52 PM
One question belonging to offline access ("This permission grants an application access to user data when the user is offline or doesn't have an active session."):

Does this mean that my desktop app can get the data of all useres who have granted offline access for the app?
Or does it mean that I only can receive my data and the data of my friends even when I do not have an active session (how does facebook know who I am?)?
Sep 9, 2008 at 2:48 PM
I can't answer your question with any definitive response because I've yet to work out how to use offline access properly.  However, I expect that a desktop app will still need a session to access the api.  All the Facebook documentation seems to say this (see links above).  The session will be specific to the user that created it (as all sessions are), therefore your app will be subject to the usual restrictions on data access.  The only way I can see this working therefore is that the session given to a user who has granted offline access won't expire and will behave in just the same way as infinite sessions do/did.  There is so little documentation on this on the Facebook site which makes it really dificult to understand how this is supposed to work.  I have another thread on the Facebook forums discussing this - http://forum.developers.facebook.com/viewtopic.php?id=20223  Hopefully we'll get some answers.