Facebook access token invalid with message "session does not match current stored session"?

It's possible for your access token to become invalid for a variety of reasons (expiry time passed, user changed password, user deauthorized your app, user logged out of Facebook, etc.). You should always design to account for this scenario.

If your users are active, it's easy to get a new access token from the OAuth endpoint without them having to do/see anything. If not, you should make a plan (such as emailing them) for how you will get them to return so you can get a new access token. The scenario you're describing is not necessarily unusual. You can find some code samples here for help on how to handle expired access tokens.


Check out the blog post officially from facebook: How-To: Handle expired access tokens


This is undocumented but I just tested it and it works with expired access tokens. Should work on access tokens that have been invalided if you know their user id, and they haven't revoked privileges to your app. First, you can verify that you still have have the permissions you need by calling using this url:

https://graph.facebook.com/userID/permissions?access_token=appID|appSecret

If you still have publish_stream permissions, you can issue a HTTP POST to this url:

https://graph.facebook.com/userID/feed with post parameters of access_token=appID|appSecret&message=test message