Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Facebook oauth authorize URL and parameter options

Facebook provides some documentation on the parameters of oauth login.

Login Dialog OAuth 2

Parameters are:

  • client_id = Your App ID
  • redirect_uri = Your App Website URL
  • display = page, popup, iframe, async, touch. How to display login.
  • scope = permission names. Permissions your app is asking the user to grant to your app.
  • state = a string included in the response back to your app.
  • response_type = code or token or both. Used in different ways depending on authorization flow.

Is there more information about different types of oauth functionality and the parameters that go with it?

I want information on how to structure the URL for oauth. I know of a couple of configurations. For example:

https://www.facebook.com/dialog/oauth?
   client_id=YourAppID
   &redirect_uri=The URL that you designated in your App Settings for your App
   &response_type=token //Whether you want a `code` returned, or a `token` returned, or both
   &scope=publish_stream // scope prompts the user for the type of permissions being asked for

I saw a discussion that showed this:

https://graph.facebook.com/oauth/authorize?
   client_id=123456789
   &redirect_uri=http://example.com/
   &scope=publish_stream,share_item,offline_access,manage_pages

Note the difference's of the URL's:

/dialog/oauth?

or

/oauth/authorize?

What does authorize do? Does it GRANT permissions instead of ASKING for permissions? Where is the documentation on this?

like image 208
Alan Wells Avatar asked Apr 01 '14 22:04

Alan Wells


People also ask

How do I use OAuth on Facebook?

Under Products in the App Dashboard's left side navigation menu, click Facebook Login, then click Settings. Verify the Valid OAuth redirect URIs in the Client OAuth Settings section. state . A string value created by your app to maintain state between the request and callback.

What client OAuth settings Facebook?

Select Settings in the left side navigation panel and under Client OAuth Settings, enter your redirect URL in the Valid OAuth Redirect URIs field for successful authorization.

How do I change my callback URL on Facebook app?

In the "Facebook Login" tab under your app, enter all valid callback URL's, such as http://localhost/callback, http://productionUrl/callback, etc. If you don't see "Facebook Login" tab under your app, click "Add Product-> Facebook Login->Get Started" Enter the Valid Callback Urls -> Save changes.

How do I re authorize on Facebook?

To reauthorize your Facebook Page, go to Admin > Channels > Facebook and click on the Reauthorize button. It will take you to the Facebook login page, where you will have to enter the Admin credentials of the page that you are trying to reauthorize.


1 Answers

https://graph.facebook.com/oauth/authorize is also to logging in the person -- Like authenticating a person and to take permission from person whether to access the requested permissions by app.

oauth/authorize is graph api call. I think major difference may be when you want to build the login flow manually you should use /oauth/authorize.. else if you are using javascript/Apps api provided by facbook it uses /dialog/oauth. Apps normally need to confirm that the response from the Login dialog was made from the same person who started it. If you're using Facebook's JavaScript SDK it automatically performs these checks so nothing is required, assuming that you're only making calls from the browser. More over we can make graph api calls secure by applying appsecret_proof.

like image 169
Abhinay Avatar answered Oct 17 '22 01:10

Abhinay