I am currently developing an app via website and the token that Facebook returns back will only be in session for the exact url. In other words, if a user hits site.com and logs in, the token only works for site.com. If the user tries to manually type in www.site.com, the token does not apply.
Any ideas?
The access_token is not tied to a domain. You can even use a valid user token here: https://developers.facebook.com/tools/explorer Give it a try. You can even use it to do things in the graph via a desktop application too.
The app you're using might be setting a session cookie, and that might be tied to a domain though, and that may be the source of your issues.