Hey there! I’ve helped plenty of developers navigate this exact Graph API update, so let’s break down how to get access tokens for multiple Pages smoothly:

1. Start with a Valid User Access Token #

First, make sure you have a User Access Token with the right permissions. For accessing Page insights and managing Pages, you’ll need at least:

• pages_show_list (to see the list of Pages you manage)
• pages_read_engagement (to pull insights data)
• If you need more specific actions, add relevant permissions like pages_manage_metadata

You can generate this token via the Facebook Graph API Explorer or your app’s authentication flow—just make sure it’s not expired.

2. Fetch All Your Managed Pages (and Their Short-Term Tokens) #

Use your User Token to call the /me/accounts endpoint. This will return every Page you have admin access to, along with a short-lived Page Access Token for each one.

Here’s the request:

GET /me/accounts?fields=id,name,access_token

The response will look something like this (simplified):

{
  "data": [
    {
      "id": "123456789",
      "name": "My First Page",
      "access_token": "SHORT-LIVED-TOKEN-1"
    },
    {
      "id": "987654321",
      "name": "My Second Page",
      "access_token": "SHORT-LIVED-TOKEN-2"
    }
  ]
}

3. Convert Short-Term Tokens to Long-Lived Ones #

Short-lived Page Tokens expire after 1 hour—way too short for most use cases. To get a 60-day long-lived token, use each short-lived token with your App ID and App Secret to call the oauth/access_token endpoint:

GET /oauth/access_token?grant_type=fb_exchange_token&client_id=YOUR-APP-ID&client_secret=YOUR-APP-SECRET&fb_exchange_token=SHORT-LIVED-PAGE-TOKEN

The response will give you a access_token field that’s valid for 60 days. You can repeat this for every Page token from the /me/accounts response.

4. Batch Processing (Optional) #

If you have dozens of Pages, you can use the Graph API’s batch request feature to handle multiple token exchanges at once. Here’s an example batch request body:

[
  {"method": "GET", "relative_url": "oauth/access_token?grant_type=fb_exchange_token&client_id=YOUR-APP-ID&client_secret=YOUR-APP-SECRET&fb_exchange_token=SHORT-LIVED-TOKEN-1"},
  {"method": "GET", "relative_url": "oauth/access_token?grant_type=fb_exchange_token&client_id=YOUR-APP-ID&client_secret=YOUR-APP-SECRET&fb_exchange_token=SHORT-LIVED-TOKEN-2"}
]

Send this as a POST request to /batch with your User Token in the header.

Quick Notes to Avoid Headaches #

• Always double-check permissions: If /me/accounts doesn’t return a Page or its access token, your User Token is missing the required permissions for that Page.
• Refresh long-lived tokens before they expire: You can repeat the token exchange process using the current long-lived token to get a new 60-day token.
• Keep tokens secure: Store Page Access Tokens on your server—never expose them to client-side code.

内容的提问来源于stack exchange，提问作者Tatiana