Connect your Facebook Pages for automated posting
Authentication Flow
Facebook uses OAuth 2.0 with long-lived access tokens. We request permissions for page management and posting capabilities.
- Initial authorization redirects to Facebook's OAuth consent screen
- Short-lived access token is exchanged for a long-lived token (60 days)
- Long-lived tokens can be refreshed indefinitely using the refresh token
- Page-specific tokens are stored separately for each connected page
Stored Credentials
- Access Token (encrypted)
- Refresh Token (encrypted, when available)
- Token Expiration Timestamp
- Page ID and Page Name (for page-specific connections)
Security Measures
- All tokens encrypted using AES-256-CBC before database storage
- Automatic token refresh before expiration
- Page-level permissions ensure minimal required access
- Users can revoke access through Facebook Settings at any time