Skip to main content
__wf_reserved_inherit

Facebook App Keys

Description

General

  • Documentation: https://developers.facebook.com/docs/facebook-login/access-tokens/#apptokens
  • Summary: Facebook access tokens are strings used for identification and are of three types: either to identify a user, an application, or Page. Application access tokens are used to modify and read app settings. They can also be used to publish Open Graph actions. They are generated using a pre-agreed secret between the app and Facebook and is then used during calls that change app-wide settings.
  • IPs allowlist: This feature is not available.
  • Scopes: App access tokens are only limited to access and modify application data (no reach on users, pages, or clients).

Revoke the secret

There is no direct information on how to revoke app access token.

Check for suspicious activity

Facebook API has access to an AppEventLogger class in order to monitor various activities (see here).

Details for Facebook app keys

  • Family: Api

  • Category: Social network

  • Company: Facebook

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: True

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 51.73

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - facebook
    - fb(-|_)?(client|app|id|key|secret)
- type: BanMinifiedPreValidator
  threshold_minified: 0.8

Examples

- text: |
    facebook String appId = "294790898041575"; String appSecret = "ce3f9f0362bbe5ab01dfc8ee565e4372"
  client_id: '294790898041575'
  client_secret: 'ce3f9f0362bbe5ab01dfc8ee565e4372'
- text: |
    String fb_id = "294790898041575"; String fb_secret = "ce3f9f0362bbe5ab01dfc8ee565e4372"
  client_id: '294790898041575'
  client_secret: 'ce3f9f0362bbe5ab01dfc8ee565e4372'
- text: |
    facebook String appId = "294790898041575"; String appSecret = "ce3f9f0362bbe5ab01dfc8ee565e4372"
  client_id: '294790898041575'
  client_secret: 'ce3f9f0362bbe5ab01dfc8ee565e4372'
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status