I have my auth_token and created my session, but now I need to retrieve it again after switching from HTTP to HTTPS.

If you established a session over HTTP but need to switch to HTTPS, you can retrieve a session key again by calling Auth.getSession() and passing in the auth_token you got when you called Auth.createToken().

This isn’t required by web apps, as there’s currently no way for a user to interact with your app over an HTTPS connection to http://apps.facebook.com (it will either bounce them back to HTTP automatically or give an error about using a security certificate for the wrong domain).

You can also pass a generate_session_secret boolean into Auth.getSession() if you’d like it to generate and return a temporary secret key associated with the session. You can use that secret instead of your app’s API secret key for the duration of this session.