Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Jhon-mantila/pluging-wordpress/llms.txt

Use this file to discover all available pages before exploring further.

The [facebook_posts] shortcode fetches posts from a Facebook Page using the Facebook Graph API v25.0. To use it you need a Page Access Token with the pages_read_engagement permission. This guide explains how to create a Facebook app, generate the token, and configure it in WordPress.

What you need

  • A Facebook account with Admin access to the Facebook Page whose posts you want to display
  • A Facebook Developer account (free — register at developers.facebook.com)
  • A Facebook app of type Business
  • A Page Access Token with the pages_read_engagement permission
  • Your numeric Facebook Page ID

Steps

1

Log in to Facebook Developers

Go to https://developers.facebook.com/ and log in with your Facebook account. If you have not registered as a developer before, follow the prompt to complete registration — it only takes a moment.
2

Create a new app

Click My Apps → Create App. On the “What do you want your app to do?” screen choose Other, then select the Business app type and click Next. Give your app a name (e.g. My WordPress Site), enter a contact email, and click Create App.
3

Add the Facebook Login product

In the app dashboard, scroll down to the Add Products to Your App section and click Set Up next to Facebook Login. This product unlocks the ability to request page permissions and generate access tokens.
4

Open Graph API Explorer

In the top navigation click Tools and select Graph API Explorer, or go directly to https://developers.facebook.com/tools/explorer/.
5

Select your app and page

In the Meta App dropdown at the top-right of the Explorer, select the app you just created. In the User or Page dropdown, select the Facebook Page you want to display posts from.
6

Request the pages_read_engagement permission

Click Add a Permission and search for pages_read_engagement. Select it. Then click Generate Access Token. Facebook will ask you to log in and approve the requested permissions for your page.
7

Exchange for a long-lived token (recommended)

The token generated in the Explorer is short-lived (~1 hour). To exchange it for a long-lived token (~60 days), open the Access Token Debugger at https://developers.facebook.com/tools/debug/accesstoken/, paste your short-lived token, and use the Extend Access Token button at the bottom of the page. Copy the resulting long-lived token.
8

Find your Page ID

Your numeric Page ID can be found in Facebook Page Settings → Page Info under “Facebook Page ID”. Alternatively, look at your page’s URL — for pages that still show a numeric slug the ID is the number in the URL. For named pages (e.g. facebook.com/mypage), use the Graph API Explorer to query /{page-name}?fields=id and read the id field from the response.
9

Save the token and Page ID in WordPress

In your WordPress dashboard go to EsquinaWeb → Facebook, paste the Page Access Token and the Page ID into their respective fields, and click Save.

Understanding token types

Short-lived tokens expire after approximately 1 hour and are only suitable for testing. Long-lived tokens last approximately 60 days and are intended for production use. For fully automated deployments — where you cannot manually refresh the token every 60 days — consider creating a System User token through Meta Business Suite, which does not expire. Regardless of token type, never put the token directly in shortcode attributes or post content.

Finding your Page ID from a URL

For pages with a numeric URL slug (e.g. https://www.facebook.com/631930116676494), the number in the URL is your Page ID. For pages with a named slug (e.g. https://www.facebook.com/mypagename), use the Graph API Explorer to query:
/mypagename?fields=id
The response will contain your numeric Page ID:
{
  "id": "631930116676494"
}

Alternative: define the token in wp-config.php

Storing the token in wp-config.php keeps it out of the WordPress database and out of any database exports or backups.
wp-config.php
define('ESQUINA_FB_PAGE_ACCESS_TOKEN', 'your_page_access_token_here');
The plugin resolves the access token using the following priority chain:
  1. Admin DB optionesquina_facebook_settings[access_token] (set via EsquinaWeb → Facebook)
  2. wp-config.php constantESQUINA_FB_PAGE_ACCESS_TOKEN
  3. WordPress filteresquina_fb_access_token
Never put your access token in shortcode attributes. The shortcode is stored in post content, which is visible to any user with the edit_posts capability, appears in database exports, and may be cached in plain text. Always configure the token through the admin settings page or wp-config.php.

Facebook Posts Shortcode

Reference for the [facebook_posts] shortcode parameters and examples.

Security Best Practices

Full credential storage guidance and AJAX nonce protection details.

Performance Tips

Caching behaviour and tuning recommendations for the Facebook feed.

Admin Panel

Overview of the EsquinaWeb admin settings panel.

Build docs developers (and LLMs) love