For using already registered webhooks, we must use something like this:

oauth = Koala::Facebook::RealtimeUpdates.new(app_id: '123', app_secret: '456') # here on initialize request made 
if oauth.validate_update
 #do some work with data

But in real world, we don't need to make initialize request, because validate_update only validates integrity and origin of the payload, no authorization request on this step required, only secret key is needed for checking integrity.

Hi @rusikf! That's a good point. The RealtimeUpdates object shouldn't make a request for the app access token until and unless it actually needs it. I'll rewrite the code to fix that.

Closing since #594 is about to be merged in.