(Disclaimer: The access_tokens and appIds in this post are fake and are just intended to look real)
I'm trying to generate an access_token using the call to the following:
https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=123456789000000&client_secret=03252f2ff1eddffe234a0dc7256abb8c
That gives me an access_token in this format:
access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
If I try to access a fan page that's protected with that token like this I get false back: http://graph.facebook.com/109813019043531?access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
Now, if I use the Graph API Explorer and select the same App as the one I'm using above to generate the access token I get an access token that looks like this:
ABBDSqE43jFSSbrS7ujvyLZClfyKDCZBhAuLXTtr9nwelj4MFwlijzejljEoNItC3lijzm3shemzq3jDFCdAZD
If I use that access token to access the URL (http://graph.facebook.com/109813019043531) it works as expected.
My question is, what is the difference between the two and how can I programmatically generate one that works like the second token?