Related
Important notice:
If you register for testing, go to your profile settings and to your interests add delete profile.
Trying to login with Facebook to my website:
I get the following error:
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
My settings (Basics) in Facebook are:
App Domains: openstrategynetwork.com
Site URL for website: http://openstrategynetwork.com/
In the advanced tab, Valid OAuth redirect URIs is set to:
http://openstrategynetwork.com/_oauth/facebook?close
App is public.
More settings (Advanced) here:
App key and secret are correct. I'm using Meteor and its accounts packages.
As the questioner writes
In the advanced tab, Valid OAuth redirect URIs is set to: ...
and I had the same problem (writing the redirect url into the wrong input field) I would like to highlight that
It's NOT
Settings -> Advanced -> Share Redirect Whitelist
but
Facebook Login -> Settings -> Valid OAuth redirect URIs
It would have saved me 2 hours of trial and error.
You should also have it in mind that
www.example.com is not the same as example.com. Add both formats to the redirect URL.
The login with Facebook button on your site is linking to:
https://www.facebook.com/v2.2/dialog/oauth?client_id=1500708243571026&redirect_uri=http://openstrategynetwork.com/_oauth/facebook&display=popup&scope=email&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiIwSXhEU05XamJjU0VaQWdqcmF6SXdOUWRuRFozXzc0X19lbVhGWUJTZGNYIiwiaXNDb3Jkb3ZhIjpmYWxzZX0=
Notice: redirect_uri=http://openstrategynetwork.com/_oauth/facebook
If you instead change the link to:
redirect_uri=http://openstrategynetwork.com/_oauth/facebook?close
It should work. Or, you can change the Facebook link to http://openstrategynetwork.com/_oauth/facebook
You can also add http://localhost/_oauth/facebook to the valid redirect URIs.
Facebook requires that you whitelist redirect URIs, since otherwise people could login with Facebook for your service, and then send their access token to an attacker's server! And you don't want that to happen ;]
This worked for me.
redirect_url = http://127.0.0.1:8080/accounts/facebook/login/callback/
I got that from my browser after clicking the Facebook button you browser will be redirected to a link for integrating with Facebook API, so where you will get that redirect. For my case the link was this from where I got the redirect_url.
https://www.facebook.com/dialog/oauth?client_id=...&scope=&response_type=code&state=...&redirect_uri=http://127.0.0.1:8080/accounts/facebook/login/callback/
Make sure "App Domain" and Facebook Login => Valid OAuth redirect URIs. There you must check www or without www. Its better if you use with www or without for all URLs in php,html,css files and Fb app settings.
Other thing is if you're using "/" end of the URLs you must add that URL to app settings of Valid OAuth redirect URIs.
Example:- https://www.example.com/index.php/ if this url if youre using in the redirect url you must set that to app settings.
Hope this would be help.
In my case, I just had to make sure I have my urls both with and without www for Application Domain and Redirect URLs:
In my case, I had to use: signin-facebook after my site url, for redirect url.
Ok First of all this is a very clear error message. Just look at this many devs miss this including my self. Have a look at the screen shot here please.
Under Products > Facebook Login > Settings
or just go to this url here (Replace YOUR_APP_ID with your app id lol):
https://developers.facebook.com/apps/YOUR_APP_ID/fb-login/settings/
If you are working on localhost:3000 Make sure you have https://localhost:3000/auth/facebook/callback
Ofcourse you don't have to have the status live (Green Switch on top right corner) but in my case, I am deploying to heroku now and will soon replace localhost:3000 with https://myapp.herokuapp.com/auth/facebook/callback
Of course I will update the urls in Settings/Basic & Settings/Advanced and also add a privacy policy url in the basic section.
I am assuming that you have properly configured initializers/devise.rb if you are using devise and you have the proper facebook gem 'omniauth-facebook', '~> 4.0' gem installed and gem 'omniauth', '~> 1.6', and you have the necessary columns in your users table such as uid, image, and provider. That's it.
For my Node Application,
"facebook": {
"clientID" : "##############",
"clientSecret": "####################",
"callbackURL": "/auth/facebook/callback/"
}
put callback Url relative
My OAuth redirect URIs as follows
Make Sure "/" at the end of Facebook auth redirect URI
These setups worked for me.
Changing from hauth.done=Facebook to hauth_done=Facebook in the Valid OAuth redirect URIs fixed it for me.
It might help somebody.
I had the similar error message, but only in dev and staging environments, not in production. The valid redirect URIs were correctly set, for the dev and staging subdomains as well as for production.
It turned out I forgot that for those environments we use the testing FB app, which is a separate one in the FB developer page. Had to select that and update its settings.
Hey Guys
so i was having this error below
Basically all you have to do is to make sure your url in "OAuth Redirect URIs" from facebook corresponds with your url callback in your code see the image sample below
!!!must match with this below
If error still persist make sure this 3(three) URL are correct!.
Site URL
Privacy Policy URL
App domains
you can view them in your developer->settings->basic tab.
hope this helps you fix the bug! Happy coding :)
Try to add http://openstrategynetwork.com/sigin-facebook to Client OAuth Settings valid redirect URL along with your own redirect URL.
Login Helper of your site
$loginUrl = $helper->getLoginUrl('xyz.com/user_by_facebook/', $permissions);
and in facebook application dashboard (Under products tab : Facebook Login )
Valid OAuth redirect URIs should also be same to xyz.com/user_by_facebook/
as mentioned earlier while making request from web
We had the same problem, such a nightmare.
Make sure your App IDs and Secret Keys are correct. If you are using separate development, staging and production apps for testing, the App IDs and Secret Keys are all different for each app. This is often the problem.
Make sure you have the callback URL set properly in your app config file (see below). And then add this as same URL under "Facebook Login" settings where it says "Valid OAuth redirect URIs". It should look like this (depending on your environment):
http://localhost/auth/facebook/callback
http://staging.example.com/auth/facebook/callback
http://example.com/auth/facebook/callback
Make sure your app domain is set to the correct domain for each environment, including both "www" and "no-www". Facebook also requires these domains to match the URL of your website or app platform. You will have to select "Add Platform" to add this.
In my case, I was integrating Facebook login within a Rails app tutorial. I had added http://localhost:3000/adsf to my Valid OAuth Redirect URIs, but the Rails app would open the url as http://0.0.0.0:3000 and would therefore try to redirect to http://0.0.0.0:3000/asdf. After adding http://0.0.0.0:3000/asdf to the Valid OAuth Redirect URIs, or navigating to http://localhost:3000/asdf, it worked as expected.
In my case URI, as it was defined on FB, was fine, but I was using Spring Security and it was adding ;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD to my URI so, it caused the mismatching.
https://m.facebook.com/v2.5/dialog/oauth?client_id=your-fb-id-code&response_type=code&redirect_uri=https://localizator.org/auth/facebook;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD&scope=email&state=b180578a-007b-48bc-bd81-4b08c6989e18
In order to avoid the URL rewriting I added disable-url-rewriting="true" to Spring Security config, in this way:
<http auto-config="true" access-denied-page="/security/accessDenied" use-expressions="true"
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"/>
And it fixed my problem.
Just add www in redirect_uri in your code.
Like:-
https://www.facebook.com/v3.3/dialog/oauth?client_id=427141371274449&redirect_uri=https://www.example.com/facebook-callback&scope=email&state=5f40cc740267d3-34619096-32051275-123456
Put your url here
Facebook Login -> Settings -> Valid OAuth redirect URIs
AND
you'll also get that error if your APP ID is wrong
I have a problem with facebook login on Presta Shop. I am using TemplateMonster Social login plugin (tmsociallogin). It worked a few months ago but now it stopped. I am receiveng error:
"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
Urls and paths are set correctly in apps settings I think (correct domain, correct redirect URL, correct app domain). You can see my setting on screen shots below.
I have found a lot of answers but everywhere I've seen that I have to uncheck "Use Strict Mode for Redirect URIs" in fb app settings. I cant do that - this option is hardly checked as "Yes" and I can not do anything about that.
Please anybody help me :( Prestashop version 1.6
Apps settings 1
Apps settings 2
Facebook error
It happens because Facebook has changed a security policy and forbidden to use nonstrict mode for a redirect. But the module was using this option to redirect to the same page after login. So now it causes the issue. In order to solve this, you need to remove all mentions about a "back" parameter within all files which are related to Facebook login functionality. I don't know exactly your version of the module but I think the list of files will be the same
controllers/facebooklogin.php
controllers/facebookregistration.php
views/templates/hook/header-account.tpl
views/templates/hook/social-login-buttons.tpl
In the *.tpl files remove only that entities which are related to facebook.
And in your Facebook API you must to add two redirect URLs.:
Whether you use Friendly URL
- your_domain/module/tmsociallogin/facebooklink
- your_domain/module/tmsociallogin/facebooklogin
or not
- your_domain/index.php?fc=module&module=tmsociallogin&controller=facebooklogin
- your_domain/index.php?fc=module&module=tmsociallogin&controller=facebooklink
Also, if you aren't sure yet which mode are you gonna use then you can add all four variants.
Important notice:
If you register for testing, go to your profile settings and to your interests add delete profile.
Trying to login with Facebook to my website:
I get the following error:
URL Blocked: This redirect failed because the redirect URI is not
whitelisted in the app’s Client OAuth Settings. Make sure Client and
Web OAuth Login are on and add all your app domains as Valid OAuth
Redirect URIs.
My settings (Basics) in Facebook are:
App Domains: openstrategynetwork.com
Site URL for website: http://openstrategynetwork.com/
In the advanced tab, Valid OAuth redirect URIs is set to:
http://openstrategynetwork.com/_oauth/facebook?close
App is public.
More settings (Advanced) here:
App key and secret are correct. I'm using Meteor and its accounts packages.
As the questioner writes
In the advanced tab, Valid OAuth redirect URIs is set to: ...
and I had the same problem (writing the redirect url into the wrong input field) I would like to highlight that
It's NOT
Settings -> Advanced -> Share Redirect Whitelist
but
Facebook Login -> Settings -> Valid OAuth redirect URIs
It would have saved me 2 hours of trial and error.
You should also have it in mind that
www.example.com is not the same as example.com. Add both formats to the redirect URL.
The login with Facebook button on your site is linking to:
https://www.facebook.com/v2.2/dialog/oauth?client_id=1500708243571026&redirect_uri=http://openstrategynetwork.com/_oauth/facebook&display=popup&scope=email&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiIwSXhEU05XamJjU0VaQWdqcmF6SXdOUWRuRFozXzc0X19lbVhGWUJTZGNYIiwiaXNDb3Jkb3ZhIjpmYWxzZX0=
Notice: redirect_uri=http://openstrategynetwork.com/_oauth/facebook
If you instead change the link to:
redirect_uri=http://openstrategynetwork.com/_oauth/facebook?close
It should work. Or, you can change the Facebook link to http://openstrategynetwork.com/_oauth/facebook
You can also add http://localhost/_oauth/facebook to the valid redirect URIs.
Facebook requires that you whitelist redirect URIs, since otherwise people could login with Facebook for your service, and then send their access token to an attacker's server! And you don't want that to happen ;]
This worked for me.
redirect_url = http://127.0.0.1:8080/accounts/facebook/login/callback/
I got that from my browser after clicking the Facebook button you browser will be redirected to a link for integrating with Facebook API, so where you will get that redirect. For my case the link was this from where I got the redirect_url.
https://www.facebook.com/dialog/oauth?client_id=...&scope=&response_type=code&state=...&redirect_uri=http://127.0.0.1:8080/accounts/facebook/login/callback/
Make sure "App Domain" and Facebook Login => Valid OAuth redirect URIs. There you must check www or without www. Its better if you use with www or without for all URLs in php,html,css files and Fb app settings.
Other thing is if you're using "/" end of the URLs you must add that URL to app settings of Valid OAuth redirect URIs.
Example:- https://www.example.com/index.php/ if this url if youre using in the redirect url you must set that to app settings.
Hope this would be help.
In my case, I just had to make sure I have my urls both with and without www for Application Domain and Redirect URLs:
In my case, I had to use: signin-facebook after my site url, for redirect url.
Ok First of all this is a very clear error message. Just look at this many devs miss this including my self. Have a look at the screen shot here please.
Under Products > Facebook Login > Settings
or just go to this url here (Replace YOUR_APP_ID with your app id lol):
https://developers.facebook.com/apps/YOUR_APP_ID/fb-login/settings/
If you are working on localhost:3000 Make sure you have https://localhost:3000/auth/facebook/callback
Ofcourse you don't have to have the status live (Green Switch on top right corner) but in my case, I am deploying to heroku now and will soon replace localhost:3000 with https://myapp.herokuapp.com/auth/facebook/callback
Of course I will update the urls in Settings/Basic & Settings/Advanced and also add a privacy policy url in the basic section.
I am assuming that you have properly configured initializers/devise.rb if you are using devise and you have the proper facebook gem 'omniauth-facebook', '~> 4.0' gem installed and gem 'omniauth', '~> 1.6', and you have the necessary columns in your users table such as uid, image, and provider. That's it.
For my Node Application,
"facebook": {
"clientID" : "##############",
"clientSecret": "####################",
"callbackURL": "/auth/facebook/callback/"
}
put callback Url relative
My OAuth redirect URIs as follows
Make Sure "/" at the end of Facebook auth redirect URI
These setups worked for me.
Changing from hauth.done=Facebook to hauth_done=Facebook in the Valid OAuth redirect URIs fixed it for me.
It might help somebody.
I had the similar error message, but only in dev and staging environments, not in production. The valid redirect URIs were correctly set, for the dev and staging subdomains as well as for production.
It turned out I forgot that for those environments we use the testing FB app, which is a separate one in the FB developer page. Had to select that and update its settings.
Hey Guys
so i was having this error below
Basically all you have to do is to make sure your url in "OAuth Redirect URIs" from facebook corresponds with your url callback in your code see the image sample below
!!!must match with this below
If error still persist make sure this 3(three) URL are correct!.
Site URL
Privacy Policy URL
App domains
you can view them in your developer->settings->basic tab.
hope this helps you fix the bug! Happy coding :)
Try to add http://openstrategynetwork.com/sigin-facebook to Client OAuth Settings valid redirect URL along with your own redirect URL.
Login Helper of your site
$loginUrl = $helper->getLoginUrl('xyz.com/user_by_facebook/', $permissions);
and in facebook application dashboard (Under products tab : Facebook Login )
Valid OAuth redirect URIs should also be same to xyz.com/user_by_facebook/
as mentioned earlier while making request from web
We had the same problem, such a nightmare.
Make sure your App IDs and Secret Keys are correct. If you are using separate development, staging and production apps for testing, the App IDs and Secret Keys are all different for each app. This is often the problem.
Make sure you have the callback URL set properly in your app config file (see below). And then add this as same URL under "Facebook Login" settings where it says "Valid OAuth redirect URIs". It should look like this (depending on your environment):
http://localhost/auth/facebook/callback
http://staging.example.com/auth/facebook/callback
http://example.com/auth/facebook/callback
Make sure your app domain is set to the correct domain for each environment, including both "www" and "no-www". Facebook also requires these domains to match the URL of your website or app platform. You will have to select "Add Platform" to add this.
In my case, I was integrating Facebook login within a Rails app tutorial. I had added http://localhost:3000/adsf to my Valid OAuth Redirect URIs, but the Rails app would open the url as http://0.0.0.0:3000 and would therefore try to redirect to http://0.0.0.0:3000/asdf. After adding http://0.0.0.0:3000/asdf to the Valid OAuth Redirect URIs, or navigating to http://localhost:3000/asdf, it worked as expected.
In my case URI, as it was defined on FB, was fine, but I was using Spring Security and it was adding ;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD to my URI so, it caused the mismatching.
https://m.facebook.com/v2.5/dialog/oauth?client_id=your-fb-id-code&response_type=code&redirect_uri=https://localizator.org/auth/facebook;jsessionid=0B9A5E71DAA32A01A3CD351E6CA1FCDD&scope=email&state=b180578a-007b-48bc-bd81-4b08c6989e18
In order to avoid the URL rewriting I added disable-url-rewriting="true" to Spring Security config, in this way:
<http auto-config="true" access-denied-page="/security/accessDenied" use-expressions="true"
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"/>
And it fixed my problem.
Just add www in redirect_uri in your code.
Like:-
https://www.facebook.com/v3.3/dialog/oauth?client_id=427141371274449&redirect_uri=https://www.example.com/facebook-callback&scope=email&state=5f40cc740267d3-34619096-32051275-123456
Put your url here
Facebook Login -> Settings -> Valid OAuth redirect URIs
AND
you'll also get that error if your APP ID is wrong
Let me first start with saying I've searched for an answer to this question for quite some time...
I'm trying to setup Facebook OAuth to work with my application that is being developed locally on my machine. Everything was working perfect with Facebook authorization UNTIL I moved from using localhost to another domain name (still local to my machine.) Now I'm getting the following error.
Can't Load URL: The domain of this URL isn't included in the app's
domains. To be able to load this URL, add all domains and subdomains
of your app to the App Domains field in your app settings.
My hosts file contains 127.0.0.1 domain.dev (works perfect)
My redirect in my app (using Socialite) is http://domain.dev/auth/facebook/callback
In my Facebook App Settings...
my App Domain is domain.dev
my Site URL is http://domain.dev/
my Valid OAuth redirect URIs is
http://domain.dev/auth/facebook/callback
The URL at the time of the error message is..
https://www.facebook.com/v2.5/dialog/oauth?client_id=XXXXXXXXXXXXXXX&redirect_uri=http%3A%2F%2Fdomain.dev%2Fauth%2Ffacebook%2Fcallback&scope=email&response_type=code&state=0ztcKhmWwFLtj72TWE8uOKTcf65JmePtG95MZLDD
I'm at a loss of what the problem is...
Screen Shot 1
Screen Shot 2
In case someone comes across this and is looking for these settings (like I was)
You have to
On the left hand side, click "+Add Product" and select "Facebook Login" (it was at
the top for me)
See the new settings available on the left hand side
You will now have these OAuth settings on that "Product Settings"
Additional Info: Make sure to add the Callback URL like http://localhost:3000 to the Valid OAuth redirect URIs field on the settings page of Facebook Login
This usually happens if you have entered the wrong details when you created the App in Facebook. Or have you changed a URL's of an existing App?
Can you please recheck the settings of your APP in this page?
https://developers.facebook.com/apps
Select the correct App and click in the edit button;
Check the URLs & paths are correctly entered and are pointing to the site where you have installed Ultimate Facebook plugin.
I had the same problem. I solved it by adding my OAuth redirect URI as a argument to the getAccessToken function call:
$redirectLoginHelper->getAccessToken("https://www.example.com/myfacebookcallback")
If no argument is sent into that function the SDK generates the redirect URI by itself which should work but in my case it didn't.
Hope this helps someone.
Make sure your app is public.
Click on + Add product
Now go to products => Facebook Login
Now do the following:
Valid OAuth redirect URIs : example.com/
Deauthorize Callback URL : https://example.com/facebookapp
Can't Load URL: The domain of this URL isn't included in the app's
domains. To be able to load this URL, add all domains and subdomains
of your app to the App Domains field in your app settings.
I had this issue today, I find the Facebook documentation and SDK disrespectful and arogant towards other developers to say the least.
Besides having the "app domains" in two different locations without much information (3 if you add a "web" platform), you also need to go to app products / facebook login / settings and add your redirect URL under Valid OAuth Redirect URIs
The error says NOTHING about the oauth settings.
Here's what I did to solve this issue:
Basically:
1) Enable "Embedded Browser OAuth Login"
2) Disable "Use Strict Mode for Redirect URIs" and enter a redirect
URI like the way I did.
3) Leave all the rest of the options as they are.
4) Save your changes.
5) Enjoy :)
Facebook has recently disabled the toggle button for 'Use Strict Mode for Redirect URIs', so you need to add exact URI what's being called when you hit login button. For my case it was as shown in screenshot.
It solved the issue for me :)
I had the same problem, and it came from a wrong client_id / Facebook App ID.
Did you switch your Facebook app to "public" or "online ? When you do so, Facebook creates a new app with a new App ID.
You can compare the "client_id" parameter value in the url with the one in your Facebook dashboard.
In my case, things i had to do is only enabling the Embedded Browser OAuth Login
As of 2017-10.
Solution that solved my issue.
Currently that FB renders this surprise.
...app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on...
The settings to adjust are located here https://developers.facebook.com/apps/[your_app_itentifier]/fb-login/.
The trailing slash is important. They must match in your app code and in FB admin settings. So this is a config somewhere in your code (see below how to get any domain name for a dev app):
{
callbackURL: `http://my_local_app.com:3000/callback/`, // trailing slash
}
and here
To get any domain name for an app on a local Windows machine, edit host file. Custom names are good in order to get rid of all those localhost:8080, 0.0.0.0:30303, 127.0.0.0:8000, so forth. Because some third party services like FB sometimes fail to let you use 127.0.0.0 names.
On Windows 10 hosts file is here:
C:\Windows\System32\drivers\etc\hosts
Backup initial file, create a copy with different name (Doesn't work in native Windows CMD. I use Git for Windows, it has many Unix commands)
$ cp hosts hosts.bak
Add this in hosts
127.0.0.1 myfbapp.com # you can access it in a browser http://myfbapp.com:3000
127.0.0.1 www.myotherapp.io # In a browser http://www.myotherapp.io:2020
In order to get rid of port part :3000 set up NGINX, for example.
The way I fixed it: I went to the Valid OAuth Redirect URIs textbox and set the exact URL, not just the domain:
before: https://my-website.com
after: https://my-website.com/facebookoauth/facebooklogin
(the url may be different in your case, check it in the address bar of the browser).
This was caused by the setting Use Strict Mode for Redirect URIs, which was locked in the Yes position.
Most of the time its happen with not insert proper valid OAuth redirect URL in the product section of the FB dashboard.I suggest follow my bellow steps
01.Check the basic setting of the app is okay with bellow picture with you
02.check whether you have add a product
If not you can easily add log in product by clicking + sine as I show in the bellow.
If Yes just got to inside of the product setting.
03.The check whether you have provide valid OAuth redirect URL
Its simple mean what should after login.It is not other than that your call back URl.You can see in my bellow picture I have added several redirect URLs.
have any problem further Watch my video-- >
https://www.youtube.com/watch?v=mdhubrzV5y8&t=3s
Click here Code Project!
Its Code project example. Its working to me
I had the same problem,
I just added the link of my local adress http://localhost/Facebook%20Login%20Test.html to Site URL in my application setting https://developers.facebook.com/apps.
Now it works fine :) I hope this was useful ;)
Nothing really worked for me, until I updated the SDK version I was using. I started with 5.0. Not even 5.4.0 would not work either. When I updated to 5.6.2, it worked flawlessly, despite there being nothing in the changelogs that was relevant!
This option should be enabled in portal:
In case this helps anyone else, this started happening for me on an older site when "Valid OAuth Redirect URIs" became mandatory. The site was still using the V4 PHP SDK and the problem was resolved for me by upgrading to the V5 SDK.
In the App domain section, you are writing your app domain but you also need to add your login domain i.e. the name of html page where you ask user to login. In my case, I was testing it on localhost and the login route was localhost/login, If I only put http://localhost.com in App domain section, I get this error. But after adding http://localhost/login.com, the error was fixed.
and also the App settings has changed in newer version of SDK, in which there is no option for OAuth redirect route. You've to assign the redirect route directly from server side, after successfully getting OAuth token.
This worked for me:
Here's the main thing to understand: Facebook will always check for the "WWW" domain. So make sure www.your_domain.dev is working on your browser first.
It is possible that if you have multiple virtual hosts on your local server, some other virtual host overrides "www.your_domain.dev". So please check that.
Apache will pick the FIRST definition of domain (or ports, or something in these terms - I'm no expert on this, but learned by mistakes).
An easy quick fix for this virtual host overriding is to put "www.your_domain.dev virtual host definition on the very top of the file "httpd-vhosts.conf".
Go to "/apache/conf/https-vhosts.conf" and put this on the very top of the file:
<VirtualHost *:80>
<Directory "C:/your_app_folder_path/">
Options FollowSymLinks Indexes
AllowOverride All
Order deny,allow
allow from All
</Directory>
ServerName your_domain.dev
ServerAlias your_domain.dev
DocumentRoot "C:/your_app_folder_path/"
</VirtualHost>
###### FOR SSL #####
<VirtualHost *:443>
DocumentRoot "C:/your_app_folder_path/"
ServerName your_domain.dev
ServerAlias www.your_domain.dev
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<Directory "C:/your_app_folder_path/">
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Next: If you are using Windows system, edit your "hosts" file in "C:\Windows\System32\drivers\etc" by adding two lines:
127.0.0.1 your_domain.dev
127.0.0.1 www.your_domain.dev
Next: Restart your Apache server and everything should work now.
I hope this will help you and save your time.
I wasted almost a whole day searching around the web and was pulling my hair out and couldn't find anything helpful until I found this.
The problem, and the answers, keep changing as FB tightens up the login procedure. Today, I started getting this horror message "The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
The answer was: now FB wants the full redirect uri. So for me, where it used to be just https://www.example.com it now wants https://www.example.com/auth/facebook/callback. This has to go in the "Valid OAuth redirect URIs" field (Developer/Facebook login->setting)
Facebook Login -> Settings -> Valid OAuth redirect URIs -> insert the domains of your redirect url, remember you should add 'https' or http.
eg: if your redirect url is https://xxx.xxx.com/path/callback.do, you only need to enter https://xxx.xxx.com/, it's ok for me.
I had the same problem.....the issu is in the version PHP SDK 5.6.2 and the fix was editing the following file:
facebook\src\Facebook\Helpers\FacebookRedirectLoginHelper.php
change this line
$redirectUrl = FacebookUrlManipulator::removeParamsFromUrl($redirectUrl,['state','code']);
to
$redirectUrl = FacebookUrlManipulator::removeParamsFromUrl($redirectUrl,['state','code','enforce_https']);
This same Facebook error happened to me in the Production environment. The reason was I had 2 apps registered with Facebook (Local, Production) but I hardcoded the Local app ID into the source code and forgot to switch it out for the Production app ID before deployment.
Best practice dictates you shouldn't have the app ID hardcoded into the source code but if you do, do not mismatch your various Facebook app IDs like I mistakenly did.
Using my own local server.
Simply adding http://localhost/my-site as a URL in:
https://developers.facebook.com/apps/YOUR-APP-ID/fb-login/
worked for me.
first step:
use all https://example.in or ssl certificate URL ,
dont use http://example.in
second step:
faceboook application setting->basic setting->add your domain or subdomain
third step:
faceboook application login setting->Valid OAuth Redirect URIs->add your all redirect url after login
fourth step:
faceboook application setting->advance setting->Domain Manager->add your domain name
do all this step then use your application id, application version ,app secret for setup
on Magento 2 Social Login extension, you have to copy Valid OAuth redirect URIs from the panel and add the link to Valid OAuth Redirect URIs field in Client OAuth Settings page at developers.facebook.com
If your game has no server/site (e.g. if you develop for Gameroom like me) - add "https://apps.facebook.com/xxxxxxxxxxxxxxxxx" (put your app ID instead of "xxxxxxxxxxxx") to "Valid OAuth Redirect URIs".
in my case, i solved this issue by adding the full URL and not only the domain as facebook ask. i hope that they will rename it for more clarification.
so the Valid OAuth Redirect URIs should be like so:
Before: https://www.mobile-battles.com
After: https://www.mobile-battles.com/register
The Meta for Developers interface currently provides two places where you can enter the domains for your app: the Basic settings under "App domains", and the Advanced settings under "Domain Manager". The SDK might not recognize your domain if it is listed in just the Domain Manager.
If you are using AWS Cognito then add the URL https://<your-user-pool-domain>/oauth2/idpresponse to the Valid OAuth Redirect URIs in Facebook Login -> Settings
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Play Framework appending #= to redirect after Facebook auth via OAuth2?
Has anyone else seen this happen?
I am building a Facebook canvas app using the Facebook PHP SDK, and some Javascript.
Now when I take the user through the OAuth authentication flow, I have noticed that the URL in the browser automatically gets appended with this "#_=_" , so my URL starts looking like this:
http://apps.facebook.com/xxxxxxxxxxxx/#_=_
and when I redirect to the app profile page the URL is this:
http://www.facebook.com/apps/application.php?id=xxxxxxxxxxxx#_=_
I am redirecting using
echo "<script type='text/javascript'>top.location.href='$appcanvasurl';</script>"
to the canvas URL, and
echo "<script type='text/javascript'>top.location.href='$appprofurl';</script>"
for app profile page.
So why is this #_=_ getting appended?
Update:
According to this bug on the tracker, this is by design, and giving a value for the redirect_uri does not change this.
And according to the official facebook reply on that page (have to be logged in to Facebook to view the post):
This has been marked as 'by design' because it prevents a potential security vulnerability.
Some browsers will append the hash fragment from a URL to the end of a new URL to which they have been redirected (if that new URL does not itself have a hash fragment).
For example if example1.com returns a redirect to example2.com, then a browser going to example1.com#abc will go to example2.com#abc, and the hash fragment content from example1.com would be accessible to a script on example2.com.
Since it is possible to have one auth flow redirect to another, it would be possible to have sensitive auth data from one app accessible to another.
This is mitigated by appending a new hash fragment to the redirect URL to prevent this browser behavior.
If the aesthetics, or client-side behavior, of the resulting URL are of concern, it would be possible to use window.location.hash (or even a server-side redirect of your own) to remove the offending characters.
See This:
https://developers.facebook.com/blog/post/552/
Change in Session Redirect Behavior
This week, we started adding a fragment #_=_ to the redirect_uri
when this field is left blank. Please ensure that your app can handle
this behavior.