Skip to main content

Overview

AccessToken encapsulates all the data associated with a Facebook user access token: the token string itself, the user and app IDs, the set of granted and declined permissions, and expiry information. The class keeps a global current token in sync with login state and notifies observers when it changes.
ModuleFacebookCore
Objective-C nameFBSDKAccessToken
AvailabilityiOS 12+

Static properties

current
AccessToken?
The current, active access token for the logged-in user. Set automatically when a user logs in with Facebook Login. Setting this property to nil marks the user as logged out.
if let token = AccessToken.current {
    print(token.userID)
}
isCurrentAccessTokenActive
Bool
Returns true when current is non-nil and isExpired is false.
if AccessToken.isCurrentAccessTokenActive {
    // safe to make authenticated Graph API calls
}
tokenCache
TokenCaching?
The cache used to persist and restore the current access token between app launches. The SDK sets this to a UserDefaults-backed implementation by default.

Instance properties

tokenString
String
The raw OAuth token string. Pass this value in the access_token parameter of Graph API requests when you need to supply it explicitly.
userID
String
The Facebook user ID associated with this token.
appID
String
The Facebook app ID for which this token was issued.
permissions
Set<Permission>
The set of permissions the user has granted. Use hasGranted(_:) to check for a specific permission.
declinedPermissions
Set<Permission>
The set of permissions the user explicitly declined during a login flow.
expiredPermissions
Set<Permission>
The set of permissions that have expired and must be re-requested.
expirationDate
Date
The date and time when this token expires. After this date isExpired returns true.
dataAccessExpirationDate
Date
The date and time when data access for this token expires. After this date isDataAccessExpired returns true, even if the token itself is still valid.
refreshDate
Date
The date and time when this token was last refreshed.
isExpired
Bool
Returns true when the current date is past expirationDate.
isDataAccessExpired
Bool
Returns true when the current date is past dataAccessExpirationDate.

Instance methods

hasGranted(_:)

Returns whether the user has granted the given permission. 
public func hasGranted(_ permission: Permission) -> Bool
body.permission
Permission
required
The permission to check, for example Permission(stringLiteral: "email").
Returns true if permission is in the permissions set.

Static methods

refreshCurrentAccessToken(_:)

Attempts to extend the lifetime of current by making a token refresh request to the Graph API. The completion block receives the updated token or an error. 
public static func refreshCurrentAccessToken(
    _ completion: GraphRequestCompletion?
)
body.completion
GraphRequestCompletion?
A closure called when the refresh completes. Receives the connection, the raw response, and any error.

Notifications

NameDescription
Notification.Name.AccessTokenDidChangePosted on the default NotificationCenter whenever AccessToken.current changes. The userInfo dictionary contains AccessTokenChangeNewKey and AccessTokenChangeOldKey for the new and previous token values.

Usage example

import FacebookCore

func checkLoginState() {
    guard let token = AccessToken.current, !token.isExpired else {
        // No valid token — prompt the user to log in
        return
    }

    print("Logged in as user:", token.userID)
    print("Token expires:", token.expirationDate)

    if token.hasGranted(Permission(stringLiteral: "email")) {
        print("Email permission granted")
    }

    if token.hasGranted(Permission(stringLiteral: "user_friends")) {
        print("Friends permission granted")
    }
}

// Observe token changes
NotificationCenter.default.addObserver(
    forName: .AccessTokenDidChange,
    object: nil,
    queue: .main
) { notification in
    let newToken = notification.userInfo?[AccessTokenChangeNewKey] as? AccessToken
    print("Token changed. New user ID:", newToken?.userID ?? "none")
}

Build docs developers (and LLMs) love

Get started for freeTalk to us