Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Facebook oAuth: Force email permission

How do sites like StackOverflow and Untappd "force" a user to accept their permissions?

When I've been trying with the JavaScript SDK I've been using the scope object to request email addresses, but I keep seeing "Edit the info you provide", allowing the user to not provide their email address. I've even tried following Manually Building a Login Flow, with the same results.

Image:

enter image description here

As we're giving the user the option to register on the site through Facebook, we're reliant on the email address to create an account within our database.

Yet sites like StackOverflow and Untappd offer no such option, I'm forced to accept those permissions.

So what's the secret? How do I achieve this? Is it a setting I'm overlooking somewhere? Or does it need to be "approved"?

like image 870
Lee Davies Avatar asked Nov 13 '14 13:11

Lee Davies


2 Answers

They are using an old App created before end of April 2014, it was different back then. You can´t force it anymore, you can only check if the user authorized the permissions after login, with the return_scopes flag, for example:

https://developers.facebook.com/docs/reference/javascript/FB.login/v2.2

like image 93
andyrandy Avatar answered Oct 16 '22 13:10

andyrandy


Here's the solution that worked for me using Facebook SDK V4.x: How to “rerequest” email permission using Facebook iOS SDK 4.x?

If the user deselects the "email" permission and proceeds for the first time, the other consecutive times where you request email access, won't allow him to deselect email and hit "OK" anymore.

He will only be presented with "Not Now" and "OK" (which gets grayed out if email is deselected).

EDIT: Here's how to rerequest using Facebook JS SDK:

FB.login(function(response) {
   console.log(response);
}, {
   scope: 'user_likes',
   auth_type: 'rerequest'
});
like image 33
KBog Avatar answered Oct 16 '22 15:10

KBog