In addition to these 5 Things Developers May Not Know About the Upcoming Facebook Redesign, Facebook today offered more clarity on how it’s changing the way sessions work and when session keys are required to make certain function calls. Facebook’s Pete Bratach writes,
The Facebook Platform API will grant your application an active session key every time a user begins interacting with your application. This session key lasts for up to 1 hour after the user stops using the application. You can continue to use this key for any functions that require an active session. Any time the user returns to your application, we will automatically either grant a new session key or (if it’s still active) extend the lifetime of the existing session key for that user.
In addition, Facebook changed many methods that currently require a session key today to no longer require session keys. To get the full list of affected methods, click here.