Generate Instagram & Facebook Long-Lived Token

by | Sep 26, 2025 | Uncategorized

Table of Contents

User Guide – n8n Workflow

“Generate Instagram & Facebook Long-Lived Token & Retrieve IG Business Account ID”

This guide explains how to import, configure, run, and understand the provided n8n workflow. It also covers security best practices and troubleshooting.

Download this Workflow and import in your n8n Workflow:
FaceBook-Long-Lived-Token.json

1) Overview

This workflow performs three tasks:

  1. Exchanges a Short-Lived User Access Token for a Long-Lived User Token (~60 days valid).
  2. Lists all Facebook Pages linked to that user (with Page ID & Page Token).
  3. Retrieves the Instagram Business/Creator Account ID linked to each Page.

Workflow Nodes:

  • Manual Trigger → start the workflow manually
  • ⚙️ Config (Set) → enter your App data and Short-Lived Token
  • Generate Instagram Long Lived Token (Code/Function) → API calls and main logic
  • Output (Set) → displays the Long-Lived Token in a simple field

2) Requirements

  • A Facebook App (App ID & App Secret).
  • A fresh Short-Lived User Access Token created for your app.
    • Create via the Graph API Explorer: <https://developers.facebook.com/tools/explorer/>
  • The user of the token must have Page permissions (Admin/Editor).
  • The Page must be linked to an Instagram Business or Creator account.
  • Recommended Scopes:
    • pages_show_list, pages_read_engagement, instagram_basic (optionally business_management).

> ⚠️ Note: If your app is in Development Mode, the user must be added as a Tester/Developer/Admin in the app settings.

3) Import into n8n

  1. Open n8n → Workflows  Import.
  2. Paste or upload the provided JSON.
  3. Open the imported workflow.

4) Configuration (⚙️ Config Node)

Fill out the fields in the ⚙️ Config node:

  • API_VERSION → e.g. v23.0
  • APP_ID → your Facebook App ID
  • APP_SECRET → your Facebook App Secret
  • SHORT_LIVED_TOKEN → your fresh User Token (from Graph API Explorer)

> 💡 Security Tip: Use n8n Credentials or Environment Variables instead of hardcoding sensitive values.

5) Create a Short-Lived Token (Graph API Explorer)

  1. Open the Graph API Explorer.
  2. Select your app.
  3. Click Get User Access Token.
  4. Select the required scopes:
    • pages_show_list
    • pages_read_engagement
    • instagram_basic
    • (optionally business_management)
  5. Click Generate Access Token.
  6. Copy the token into the SHORT_LIVED_TOKEN field in the Config node.

6) Run the Workflow

  1. Click Execute Workflow on the Manual Trigger node.
  2. The Generate Instagram Long Lived Token node performs the API calls.
  3. The Output node shows the longLivedToken.
  4. Full details (Pages + IG IDs) are visible in the execution output of the Code node.

7) Understanding the Output

The workflow returns multiple items:

  • Item 0 (meta):

    • longLivedToken – the new ~60-day User Token
    • apiVersion, pagesCount, expiresIn

  • Item 1…n (per Page):

    • pageName, pageId, pageToken
    • instagramBusinessAccountId (if linked, otherwise null)
    • hasInstagramBusinessAccount (Boolean)

Best practice:

  • Use a Set node to extract only required fields (e.g. pageId, instagramBusinessAccountId).
  • Use an IF node to filter only Pages that have an IG ID.
  • Store tokens securely (Credentials/Secrets).

8) Security & Best Practices

  • 🔒 Never share tokens in screenshots or logs.
  • ♻️ Rotate tokens before they expire.
  • ✅ Use the principle of least privilege (only required scopes).
  • 🔐 Keep your n8n workflow private unless scrubbed of secrets.

9) Troubleshooting

❌ Error: code 190, subcode 463 (OAuthException)

  • Cause: Short-Lived User Token expired.
  • Fix: Generate a new token in the Graph API Explorer and re-run.

❌ Error: (#200) Permissions error

  • Cause: Missing scopes or insufficient Page permissions.
  • Fix: Add scopes, ensure the user is Page Admin/Editor, verify IG linking.

⚠️ Empty instagramBusinessAccountId

  • Cause: Page not linked to an IG Business/Creator account.
  • Fix: Link the Page to an IG account in Meta Business/Accounts Center.

❌ Wrong App selected

  • Cause: Short-Lived Token does not belong to the App ID/Secret configured.
  • Fix: Generate the token using the correct app in the Explorer.

⚙️ Development vs Live Mode

  • Dev Mode: user must be added as Tester/Developer/Admin.
  • Live Mode: some scopes may require App Review.

10) Example cURL Checks

Exchange Short-Lived → Long-Lived Token:

curl -G "https://graph.facebook.com/v23.0/oauth/access_token" \
  --data-urlencode "grant_type=fb_exchange_token" \
  --data-urlencode "client_id=APP_ID" \
  --data-urlencode "client_secret=APP_SECRET" \
  --data-urlencode "fb_exchange_token=SHORT_USER_TOKEN"

11) FAQ

How long is a Long-Lived Token valid?
~60 days. Refresh it regularly.

What’s the difference between User Token & Page Token?
User Token: belongs to a user, used to fetch Pages (/me/accounts).

Page Token: belongs to a Page, used for Page-specific requests.

Can this process be automated?
Yes. Implement an OAuth Authorization Code flow in your app → exchange for a Short-Lived Token → swap for Long-Lived Token → use in n8n.

Workflow & Documentation by @iMan
https://imanetworks.ch/

Automate 
 with this Workflow