Security: AJAX posts

Let's say I've got a var generated on the fly (e.g. a Facebook API call which returns the user ID). I then want to send this var to my own server using jQuery's AJAX.

My question: is this secure? Could someone intercept and insert their own value before the AJAX is sent to my server? If this is not secure, how does one go about doing such AJAX posts?

Yes, someone could intercept it and change the value unless you use HTTPS. So that would basically be the solution to making that secure, along with an authentication system of some sort. Other than that, make sure you don't store anything secret in that var as your users could easily see the value of that.

Verify/pull the ID server-side, e.g. http://graph.facebook.com/1303834107 :)

Could someone intercept and insert their own value before the AJAX is sent to my server?

That depends on who you mean by "someone".

If you are talking about a third party attacker, then possible attack points are:

  1. Between Facebook's server and the browser. If you have the option to use SSL for that request, then that is the only way you can protect it there.
  2. Inside the user's browser. This requires that the attacker has already compromised the user's computer. There is nothing you can do about this.
  3. Between the browser and your server. Use SSL to defend against this.

If you are talking about the user of the browser, then there is nothing you can do to stop them changing the data. The user is in total control of what their browser sends to your server. The only defence you have is taking their browser out of the equation (which would involve using OAuth to get permission to access their Facebook account from your server).