 

Facebook : HTTPS is required for all Redirect URIs

I am trying to use the Facebook SDK for Facebook login.

I gave http://localhost as Valid OAuth Redirect URIs but it throws the following error:

HTTPS is required for all Redirect URIs.

I used this feature a few days ago and it worked fine, but now it throws this error.

And I am not able to disable the Enforce HTTPS option.

Sugumar Venkatesan asked Mar 22 '18 02:03



2 Answers

I ran into this issue with my Rails app that I usually run with http://localhost:3000.

To use https, I used ngrok which allows you to use https by providing a tunnel. To do this:

  1. I went to their website and downloaded their program
  2. I extracted the file for the program
  3. In my console, I went into the directory where ngrok was extracted to and entered 'ngrok http 3000' on my Windows machine; others may use './ngrok http 3000'
  4. After entering that, ngrok provided an https address which I put into the Valid OAuth Redirect URIs field in Facebook
  5. Then I started my server and was able to access it using that https address instead of localhost:3000

yellowreign answered Oct 20 '22 10:10


Yep, they changed that recently :-( For testing the login flow locally I installed a self-signed certificate: https://letsencrypt.org/docs/certificates-for-localhost/

Btw, it doesn't have to be trusted by the browser if you're OK with a one-time security warning.

Don't use this certificate in production!

LiorH answered Oct 20 '22 12:10
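
The local-certificate approach from the answer above, as an added example that is not part of the original posts: a shell helper that creates a short-lived self-signed certificate whose subjectAltName covers localhost, plus a check that the certificate names localhost, is unexpired and matches its key. The output directory, file names and 30-day default lifetime are assumptions.

```shell
# Added example: short-lived self-signed certificate for local HTTPS testing.
# Output directory, file names and the 30-day default are assumptions.
make_localhost_cert() {
    out_dir="${1:-./dev-certs}"
    days="${2:-30}"
    mkdir -p "$out_dir" || return 1
    cfg="$out_dir/localhost.cnf"
    # Browsers match the host name against subjectAltName, not CN,
    # so the SAN entries are what let https://localhost validate.
    cat > "$cfg" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = localhost
[ext]
subjectAltName = DNS:localhost, IP:127.0.0.1
keyUsage = digitalSignature
extendedKeyUsage = serverAuth
EOF
    # Create the private key readable by the current user only.
    old_umask=$(umask)
    umask 077
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$days" \
        -config "$cfg" \
        -keyout "$out_dir/localhost.key" \
        -out "$out_dir/localhost.crt" 2>/dev/null
    rc=$?
    umask "$old_umask"
    return $rc
}

# Succeeds only if the certificate names localhost, is unexpired, and matches the key.
check_localhost_cert() {
    crt="$1/localhost.crt"; key="$1/localhost.key"
    text=$(openssl x509 -in "$crt" -noout -text) || return 1
    case "$text" in *DNS:localhost*) ;; *) return 1 ;; esac
    # -checkend 0 fails if the certificate has already expired.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null || return 1
    c=$(openssl x509 -in "$crt" -noout -pubkey | openssl sha256)
    k=$(openssl pkey -in "$key" -pubout | openssl sha256)
    [ "$c" = "$k" ]
}
```

Run `make_localhost_cert ./dev-certs` and point the development server at the resulting `localhost.crt` and `localhost.key`; keep the key out of version control.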