facebook will not be able to return the access token to your application if one of the parameters in the request is incorrect. during the development of my oauth structure, I tested setting each required parameter to an incorrect value (i.e. I added the line 123abc to the beginning of the correct value). here are the results:
invalid client id when requesting access token from facebook, returns json error:
{ "error": { "message": "Error validating application. Invalid application ID.", "type": "OAuthException", "code": 101 } }
wrong client secret when requesting access token from facebook, returns json error:
{ "error": { "message": "Error validating client secret.", "type": "OAuthException", "code": 1 } }
wrong code when requesting access token from facebook, returns json error:
{ "error": { "message": "Invalid verification code format.", "type": "OAuthException", "code": 100 } }
wrong grant type when requesting access token from facebook, returns json error:
{ "error": { "message": "Invalid grant_type: '123abcauthorization_code'. Supported types: authorization_code, client_credentials", "type": "OAuthException", "code": 100 } }
wrong area when requesting access token from facebook, returns json error:
{ "error": { "message": "Unsupported scope: '123abcemail'. Supported scopes: ads_management create_event create_note email export_stream friends_about_me friends_activities friends_birthday friends_checkins friends_education_history friends_events friends_games_activity friends_groups friends_hometown friends_interests friends_likes friends_location friends_notes friends_online_presence friends_photo_video_tags friends_photos friends_questions friends_relationship_details friends_relationships friends_religion_politics friends_status friends_subscriptions friends_videos friends_website friends_work_history manage_friendlists manage_notifications manage_pages offline_access photo_upload publish_actions publish_checkins publish_stream read_friendlists read_insights read_mailbox read_page_mailboxes read_requests read_stream rsvp_event share_item sms status_update user_about_me user_activities user_birthday user_checkins user_education_history user_events user_games_activity user_groups user_hometown user_interests user_likes user_location user_notes user_online_presence user_photo_video_tags user_photos user_questions user_relationship_details user_relationships user_religion_politics user_status user_subscriptions user_videos user_website user_work_history video_upload xmpp_login", "type": "OAuthException", "code": 100 } } '123abcemail' Supported scopes:. ads_management create_event create_note email export_stream friends_about_me friends_activities friends_birthday friends_checkins friends_education_history friends_events friends_games_activity friends_groups friends_hometown friends_interests friends_likes friends_location friends_notes friends_online_presence friends_photo_video_tags friends_photos friends_questions friends_relationship_details friends_relationships friends_religion_politics friends_status friends_subscriptions friends_videos friends_website friends_work_history manage_friendlists manage_notifications manage_pages offline_access photo_upload { "error": { "message": "Unsupported scope: '123abcemail'. Supported scopes: ads_management create_event create_note email export_stream friends_about_me friends_activities friends_birthday friends_checkins friends_education_history friends_events friends_games_activity friends_groups friends_hometown friends_interests friends_likes friends_location friends_notes friends_online_presence friends_photo_video_tags friends_photos friends_questions friends_relationship_details friends_relationships friends_religion_politics friends_status friends_subscriptions friends_videos friends_website friends_work_history manage_friendlists manage_notifications manage_pages offline_access photo_upload publish_actions publish_checkins publish_stream read_friendlists read_insights read_mailbox read_page_mailboxes read_requests read_stream rsvp_event share_item sms status_update user_about_me user_activities user_birthday user_checkins user_education_history user_events user_games_activity user_groups user_hometown user_interests user_likes user_location user_notes user_online_presence user_photo_video_tags user_photos user_questions user_relationship_details user_relationships user_religion_politics user_status user_subscriptions user_videos user_website user_work_history video_upload xmpp_login", "type": "OAuthException", "code": 100 } }
and of course, when I do not add 123abc to the values, then the access token is correctly returned in each case.
these answers relate to December 2012, but of course facebook may decide to change them at any time in the future without warning.