facebook php authentication returns user "denied" permissions when I click "allow"

Question

I use php sdk for my app. I get the login url with $facebook->getLoginUrl() and some extended permissions.

when the user is redirected to that page, the permissions dialog is displayed. when he clicks allow, he gets redirected back to my website but with error_reason=user_denied passed in the url.

I tried removing the application from the user's facebook account, deleting all cookies / caches on the browser, still can't make it to work.

I saw there is another question on StackOverflow about this issue but got no answer... Facebook authentication returns "denied" even if I click allow

Answer 1

Took me a little while to figure this one out. The issue is related to the fact that you are in sandbox mode, but disabling it is not the way to fix this.

When you add a Facebook user to your app (as a tester, developer, admin, etc) they are initially given a Pending status. While the user has that pending status, they can view your Facebook app but can not grant privileges to it.

To remove the pending status, you need the person who you've granted the role to to log into their account. In their notifications you will see that they have been granted the role for the Facebook app. The user then has to click on that notification and accept it. Once accepted, the user is no longer pending and can accept Facebook privilege requests from the App.