To request permissions you need to send the app id and the list of required permissions with the description their use cases to email

Permissions list

VALUABLE_ACCESSMain permission, necessary to call most methods
LONG_ACCESS_TOKENGetting long access tokens from OAuth
PHOTO_CONTENTAccess to photos
GROUP_CONTENTAccess to groups
VIDEO_CONTENTAccess to videos
APP_INVITEPermission to invite friends to the app by friends.appInvite
GET_EMAILAccess to users email

The access token with long lifetime LONG_ACCESS_TOKEN

If the user has given the application a LONG_ACCESS_TOKEN permission, a token with a long lifetime is issued. This token returns in the access_token parameter but its lifetime is increased to 30 days.

Extending access token lifetime occurs in following situations:

  1. Automatically when calling any API method if the call is made using the access token with long life. Lifetime is set to 30 days from the last auto-extension, but the extension does not occur more than 1 time per day for optimization reasons. In repeated API calls during the day, the lifetime will be calculated from the date of the first API call. So if API application is used regularly, access token will be extended automatically and nothing further has to be done.

  2. Also token can be extended explicitly by API method auth.touchSession. In this case the lifetime is set to 30 days from the time of the method call.

Token is valid as long as the user does not cancel the authorization API applications on page or changes his account’s password.