The user will enter my IdP portal. He clicks on the button for Meta Workplace which will redirect the user to his meta Workplace without asking for his email or username. I need the URL that will perform this operation.
I searched on Meta Workplace documentation. I got the instruction for only SP-initialized SSO.
Related
I use OAuth2 login through the Facebook social network for users on the website.
Is it still possible to get the certain user's Facebook profile URL after login(for example by accessToken) or Facebook hides this information right now(after incidents with data leaks) and it is impossible?
It is, if the user grants permission.
You need to ask for user_link permission on login, and then you can request the link field of the user object – that will return a URL that can be used in a browser, to redirect to the actual profile.
This URL contains some form of token, and likely has limited validity - so you should not store those for long-term use, but rather request a “fresh” one when it is needed.
https://developers.facebook.com/docs/facebook-login/permissions#reference-user_link
Question in simple, I have facebook app, thich is basically my site 1:1, but in facebook iframe.
I want to show a user a registration form after he logs in with facebook, containing the most common fields - username, email, password. After registration, I want to save facebook ID and create profile for this user.
Isn't it against facebook TOS to ask for username / password / email after user has entered site through facebook?
Thabks
Why should it be against anything? They don't have to fill this form and proceed with registration on your website, so they're not really forced to do this.
In your FB app's settings, on App Details page there are textboxes for link to privacy policy and terms of service of your app. I think that you have to write in your own PP and TOS why you're asking for this data and what about privacy and all this stuff. And, of course, you should link to your app's PP and TOS on register page, or even "everywhere" in the footer so users will by able to check them easily.
what I need: upload photos to user's fan page as a page, using an app for that
what I have: my website which does uploading, and a user, who created fan page and application, and that app's id and secret
what I do:
call FB.init() with that appId
call FB.login() with manage_pages,publish_stream permissions - this prompts FB login popup where user is asked to login and then to authenticate the app. As the result I get app access token.
Send request to https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=TOKEN_FROM_ABOVE to get extended app token valid for 2 months (and therefore page tokens will be extended as well as described here)
Send request to https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE to get a list of pages user manages, and let user to choose the page he wants to publish to.
That gives me PAGE access token I can use to publish photos to user's FAN page using /albumId/photos/ API call.
what is the problem:
the "via" link in the photo redirects user to MY website (where user has authenticated his app to upload to his page):
that is because I had to ask user to enter my website's URL in app settings, otherwise Facebook login dialog will complain:
SO MY QUESTIONS ARE:
Am I doing this right? am I missing something probably?
If I am - then how can I get that "via" link to link to user's website?
Thank you.
how can I get that "via" link to link to user's website?
Not at all, because this always links to the app that was used making a post/upload.
What you could try though is having your website redirect when a user is coming to your site from Facebook. Which post/feed story the user is coming from should be passed to your site as parameters; then you’d only have to figure out which user made that post (look it up in your database), and redirect to their homepage.
I ended up adding client's website URL as a query string parameter into "Site URL" field in the application settings - and then I need to modify my site's backend to do redirects:
http://mysite.com/?redirect=http://client-site.com
I have created a facebook app on developers.facebook.com and specified a site url for my website. When users on my website login with facebook it redirects them back to the site url I specified (e.g. example.com) on the facebook app settings.
I also have a mobile web site which has facebook login but when users login from the mobile site (mobile.example.com) it still redirects to the main site (example.com).
How can I make facebook redirect to either example.com or mobile.example.com depending on where the facebook login request comes from?
Facebook allows you to pass a variable named state to the auth dialog. This value gets returned by Facebook on both success or failure.
The intent of the state variable is to prevent people from gaining access to your site with forged requests. However, you could add a string to the state variable unique to people coming from the mobile site. On your redirect page registered with your app, you just need to add code to examine the state variable and redirect the user if it has the "mobile" string in it.
I'm browsing some news sites and most of them have the option of posting the link on your facebook wall. Or retweeting it. Or to other social media sites.
How do they get the user to authenticate themselves? I just push a button and it asks me to log in, and then it creates a new post on my facebook wall.
I want to reproduce this behavior but don't know where to start.
Read the facebook information for developers here It allows you to create actions that users can do on your site like reading an article or post a photo and it will add it to their facebook profile. There is also the capability for users to register or login to your site using their facebook credentials.
Similarly go here for twitter.
These sites are all using OAuth. It basically involves the transaction of a request for an access token from the site you are logging in through. Your users validate that they approve the validity of your request by authenticating with the third party system such as Twitter or Facebook and then these systems return a token that allows you to read/write/modify user data from these sites on their behalf.