Python - Invalid appsecret_proof provided in the API argument Account Kit - Facebook api - PhpOut

AdityaBorde
December 1, 2016
97 views
1 vote
2 Answers

In the Facebook docs they have mentioned that access_token consist of

AA|facebook_app_id|app_secret

https://developers.facebook.com/docs/accountkit/graphapi

And the appsecret_proof is hash of access token using app secret as key

appsecret_proof = hmac.new((app_secret).encode('ascii'), msg=access_token.encode('ascii'), digestmod=hashlib.sha256).hexdigest()

So I am using the above generated appsecret_proof to call to the endpoint

https://graph.accountkit.com/v1.1/me/?access_token=

with appsecret_proof as the second parameter. But still I am getting Invalid AppSecret_proof provided in API argument

Tags: account-kit facebook facebook-graph-api python

Answers

- Chanel
- December 28, 2016 at 7:57 pm
- 0 votes
0
According to the doc, you need to use an user access token and hash it with app secret to get the app secret_proof and not app access token

Login or Signup to reply.

- MikeN
- August 29, 2017 at 12:01 pm
- 0 votes
0
Your app_token appears to be incorrect, the syntax is <app_id>|<app_secret> — e.g.:
```
facebook_app_id     = '<YOUR_APP_ID>'
facebook_app_secret = '<YOUR_APP_SECRET>'
facebook_app_token  = '{}|{}'.format(facebook_app_id,facebook_app_secret)
```
You can then generate the appsecret_proof as follows:
```
import hmac,hashlib
app_secret_proof    = hmac.new(facebook_app_secret.encode('utf-8'),
                           msg=facebook_app_token.encode('utf-8'),
                           digestmod=hashlib.sha256).hexdigest()
```
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.