- Joined
- Apr 30, 2024
- Messages
- 220
Let’s start with a rather frustrating issue: when working with the Facebook Marketing API using a token from Ads Manager, that token tends to refresh unpredictably. It can expire daily, weekly, or even hourly—depending on Facebook’s internal fraud detection triggers. As soon as the system flags suspicious activity, the token is rotated. Other causes include logging out, password changes, or prolonged inactivity.
To make matters worse, if you send a request like the one below to Facebook, the response is quite clear: these tokens are not intended for long-term use via the API.
{
"error": {
"message": "Invalid OAuth access token - Cannot parse access token",
"type": "OAuthException",
"code": 190,
"fbtrace_id": "ApGLEtBeKxlrcHtQwLR_uTn"
}
}
If you check this token in the Access Token Debugger, it might appear as if it has no expiration—but in reality, it was likely issued just a minute ago. This is misleading and problematic.
New Friction: Cookie Dependency
There’s another recent complication. Previously, tokens from Ads Manager could be used without cookies. Now, sending requests without valid cookies results in errors like this:{
"error": {
"message": "Invalid request.",
"type": "OAuthException",
"code": 1,
"fbtrace_id": "AZtzpkeXv5S5tNosPDR4QhT"
},
"fb_trace_id": "GVh7IRyrVAd",
