
Facebook Authentication for a Web API service/mobile app

I have an ASP.NET MVC Web Api web service and some mobile applications that use it.

I'm struggling to implement an identity provider and security for my app and web service. Can I use Facebook authentication to manage the identity of my users? Reading through the FB Login documentation, I can't see how ... I'm imagining that I would have the users log in via FB, go through the authentication flow that I choose to implement, and then get back an access token. But what happens next time they open my app? How are they authenticated again, and what do I store in my database that uniquely identifies a Facebook user (and user of my app)? I need their identity in the context of my app, not just to know that Facebook said they were OK.

Since this is a Web Api serving up only JSON (no UI), I prefer not to use any JavaScript. But the fact that you need to redirect at some point in the flows is a concern to me also, because the mobile app shouldn't redirect during login.

Andrew B Schultz asked Nov 12 '12 23:11

1 Answer

I know it is late... but this might help you.

The login part has to be done in the client (WebForm, MVC, desktop, mobile, etc.)... the client will open a web browser (it could be integrated in your app), allow the user to log in and give the correct permissions to your app.

Facebook will return an AccessToken to you which will be only valid for a limited time, but you can request an extension.

Since you want to create a Web Service, your service will have to receive the AccessToken from the client and then you can do whatever you want with it (including extending it).

FYI: This post talks about trying to use oauth without a browser.

FB Login Documentation

Hope it helps, Daniel.

Daniel answered Sep 28 '22 22:09
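One way for the service to check the access token it receives from the client before treating it as a login, shown as an added example that is not part of the original answer: it inspects the response of the Graph API `debug_token` endpoint and returns the Facebook user id, which can serve as the key linking to the app's own user record. The sample JSON and ids are constructed placeholders, and `FacebookTokenCheck` and `GetVerifiedUserId` are hypothetical names.

```csharp
using System;
using System.Text.Json;

// Added example. Checks the JSON body returned by
// GET https://graph.facebook.com/debug_token?input_token={user token}&access_token={app token}
// before the service trusts a token sent by a mobile client.
public static class FacebookTokenCheck
{
    // Returns the Facebook user id to store as the account key, or throws.
    public static string GetVerifiedUserId(string debugTokenJson, string expectedAppId, DateTimeOffset now)
    {
        using JsonDocument doc = JsonDocument.Parse(debugTokenJson);
        if (!doc.RootElement.TryGetProperty("data", out JsonElement data))
            throw new UnauthorizedAccessException("No data object in debug_token response.");

        // Facebook itself must report the token as valid.
        if (!data.TryGetProperty("is_valid", out JsonElement valid) || valid.ValueKind != JsonValueKind.True)
            throw new UnauthorizedAccessException("Token is not valid.");

        // The token must have been issued to this app, not to some other app.
        // ToString() accepts the id whether it arrives as a JSON string or number.
        if (!data.TryGetProperty("app_id", out JsonElement appId) || appId.ToString() != expectedAppId)
            throw new UnauthorizedAccessException("Token was issued to a different app.");

        // expires_at is a Unix timestamp; 0 means the token does not expire.
        if (data.TryGetProperty("expires_at", out JsonElement exp) && exp.GetInt64() != 0
            && DateTimeOffset.FromUnixTimeSeconds(exp.GetInt64()) <= now)
            throw new UnauthorizedAccessException("Token has expired.");

        string id = data.TryGetProperty("user_id", out JsonElement uid) ? uid.ToString() : "";
        if (id.Length == 0)
            throw new UnauthorizedAccessException("No user_id in response.");
        return id;
    }

    public static void Main()
    {
        // Constructed sample response; every value is a placeholder.
        const string sample = @"{""data"":{""app_id"":""1111111111"",""is_valid"":true,
            ""expires_at"":1893456000,""user_id"":""2222222222""}}";
        var now = DateTimeOffset.FromUnixTimeSeconds(1700000000);

        Console.WriteLine("Account key: " + GetVerifiedUserId(sample, "1111111111", now));
        try { GetVerifiedUserId(sample, "9999999999", now); }   // token from another app
        catch (UnauthorizedAccessException e) { Console.WriteLine("Rejected: " + e.Message); }
    }
}
```

After this check succeeds, the service can look up or create its own user row keyed on the returned id and hand the mobile app a session token of its own, so later requests do not depend on the Facebook token.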