I am creating a bot using Dialogflow which is connected to Facebook Messenger. Both Messenger based Chatfuel and Dialogflow use Facebook Authentication Intent and Google Sign-In respectively.
However, I could not find a way to fetch verified user details from Facebook and store them as standalone profiles and authenticate them automatically when users log back into Facebook and start a new chat.
My purpose is to:
Fetch Verified Details from Facebook Profile (Name, E-mail and Date of Birth)
Use Google Authentication to Verify Phone Number and Generate Unique UserID
Store above details along with a few other rows of data. (Still not sure where and how to store)
Fetch the above details when the user starts a new chat on Facebook Messenger after a Google OTP Authentication.
Related
Just curious,
In case I want to make application using API for login(i.e Facebook of Google+)
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
This might be common case, but I have no experience in using API so I have no idea about that.
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
When you use Google or Facbook signin you really only need to store the information that they return to you.
LoginProvider ProviderKey ProviderDisplayName UserId
_____________________________________________________________________
Facebook 1969950809700159 Facebook 21248583
Google 117200475532672775346 Google 21248582
User Id is the users id from my user table. Where i store there user information my system needs ProviderKey is the users Id on the login providers system.
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
You can duplicate some of it when the user creates or links their account to your system but i wouldn't automatically update it without informing the user you are doing so. Some users dont realize how much information you have access to via linking to social media accounts.
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
I think you are confusing identity for Authentication. Using Oauth2 you request a user to grant you access to see there data though an api this is authorization. If you are using Google+ or facebook signin you are using an identity server and signing in as the user. You should be using signin if you want them to login to your system using their social media accounts. By singing in you are that user. No I dont think they can be hijacked using signin.
I have a facebook messenger bot that sends a webhook to my web app. People can login to my app via facebook login.
The first user contact is normally with my facebook bot on which they can create a profile. When they make contact I take their facebook id, name, profile pic, etc.
Users can then login with facebook to my web app to enhance their profile.
My problem is facebook uses different scoped ids for messenger and their login.
How can I recognise if a user has already been on my facebook bot if they use my web app, and vice verca.
I think it has something to do with the business mapping api: https://developers.facebook.com/docs/apps/for-business but I'm struggling to understand how it works.
I am sending a get request using:
GET /me?fields=token_for_business
But the docs do not specify the full url to use. I'm also unsure if you can use this in developer mode.
facebook provides an id-matching api
for the app and pages owned by the same business manager. More informations:
https://developers.facebook.com/docs/messenger-platform/identity/id-matching
I am using Firebase for my app. I can successfully authenticate users with facebook and twitter providers. I have added the linking the user accounts. Now a user can authenticate with email and then connect the facebook and twitter providers. But I have a problem in this case.
The scenario is, the user signed in with email. Connect twitter and facebook accounts to original account. Then, try to send a tweet. Right there, twitter login page opens. The user did not know the twitter tokens for twitter provider. I need to get custom tokens from the firebase for facebook and twitter. This way its meaningful to link providers. How can I do that?
I have setup an application to use Parse.com and the Facebook SDK for user auth.
Is there anyway in Facebook App Center or any where else that I can find the users that setup using Facebook. I can see basic auth information in Parse, but how do I then find the information that is requested from a Facebook user i.e. profile information, email address etc to then email/use?
Thanks
I want to use "LOGIN with Facebook" function for the new website. I have created a page with a Facebook login.
When I am trying to get code from:
https://developers.facebook.com/docs/reference/plugins/login/
It is asking me to create an Application.
So my question is Can I use "Login with facebook" functionality without Facebook Application integration?
No, you can't. Even when you retrieve the code you need for the Login plugin, Facebook instructs you to substitute APP_ID for your own. You'll need an application if you want to retrieve data about that person when they login, for example
email
name
gender
location
etc...
You'll have to authenticate your users with an app_id and app_secret to retrieve an access_token. That access_token is unique per user per application. More info on authentication is here.
Basically, every time you want to query Facebook's databases, with the Graph API or FQL, you do so on behalf of the user. Facebook links these calls to applications so that they will be able to know which application has what permissions and also what they are doing with them.
Click on over to https://developers.facebook.com/apps and after you have verified your Facebook developer account you'll be able to create a new app