Menu
What's better?
Login Button
OAuth Dialog
I like the Login Button because it shows profile pictures of the user's friends who have already signed up for your application and it opens a dialog overlay instead redirecting to a new page as does the OAuth Dialog.
But, I think the OAuth Dialog is newer. Which should we use?
Also, the Login Button is XFBML. Apparently, Facebook is in the process of deprecating FBML. Does that mean XFBML is being deprecated too?
835
Web OAuth Login settings enables any OAuth client token flows that use the Facebook web login dialog to return tokens to your own website. This setting is in the Products > Facebook Login > Settings section of the App Dashboard.
In the App Dashboard, choose your app and scroll to Add a Product Click Set Up in the Facebook Login card. Select Settings in the left side navigation panel and under Client OAuth Settings, enter your redirect URL in the Valid OAuth Redirect URIs field for successful authorization.
It's the only authentication protocol supported by the major vendors. Google recommends OAuth2 for all of its APIs, and Facebook's Graph API only supports OAuth2. The best way to understand OAuth2 is to look at what came before it and why we needed something different. It all started with Basic Auth.
When your app uses Facebook Login to authenticate someone, it receives a User access token. If your app uses one of the Facebook SDKs, this token lasts for about 60 days. However, the SDKs automatically refresh the token whenever the person uses your app, so the tokens expire 60 days after last use.
It isn't that one is better than the other - they are intended to accomplish different things.
The login button is used for external websites to allow Facebook-based social elements and community within that site. You can then add other plugins such as comments, the like button or the face pile to further integrate the Facebook social networking aspects, with the login button acting as the authentication mechanism.
The OAuth dialog is specifically for FB apps that run within the Facebook canvas, and allows you to request Graph API permissions from a user which will grant you access to various parts of their profile and additional channels of communication.
While Facebook is deprecating FBML, they are not including XFBML elements that support social plugins, such as the login button. See here for more info.
115
I think Daniel hit the nail on the head.
I have just started reading up on Facebook Development, and it seems they are providing a great set of tools to do very powerful things, but they aren't particularly explaining which bits do what.
I think you need to be sure of the difference between; a) creating a web app that will leverage the facebook api to enhance its functionality (i.e. using the login button to allow a user to login/create a profile on that website) and b) creating a Facebook app that makes use of the api to simplify development (i.e. authorize and authenticate a facebook user for an app request)
I don't think they have outlined that distinction very well throughout their documentation
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
