I have two websites A.com and B.fm which have two independent Facebook app ids, but I want to merge B into A and make my business approachable by more users (B will have urls like A.com/B/all_b's_original_urls) and B is served in different service (on different server) from A's server, can I make two Facebook ids works on A.com if change B.fm to A.com/B/all_b's_original_urls?
Yes, I can use two facebook app ids for one website. Actually B.fm works as an independent service in A.com, so it doesn't influence A.com at all.
Related
For exmaple: We have a REST API which provides data for multiple consumers. The most case is like: Frontend (accessable for everyone), admin/management (for admins only), mobile app.
These ones differs in the response data which the REST API delivers. For example, in the admin request, the API should respond the email of the user. In the frontend not. Or the mobile app, shouldnt receive unnecessary data, which are not displayed in the views.
My idea was to set adapters in front of the REST API, but this won't work, if you don't have multiple domains available (e.g. api.xyz.com, api-manage.xyz.com).
I think this is a common way, which most of the app needs. I don't want to build multiple APIs to cover this case.
Is there any way on the application side, for example with middleware? Or I know there is a role based approach, but I dont think, this is enought abstract, because the role doesnt decide which device it is.
There is a little solution:
Role based decision which fields the user can be retrieve. Additionally the consumer has to put a header, or a queryparam like "frontend", "admin", "mobile", to identify which data will be returned. This is independent of the "which the user is able". It's just for optimization.
Are there any other solutions?
Your API should not know about your clients but it should offer the possibility for the clients to do what they want/need. Let's say you need to display a list of product with details. On the desktop you might bring 100 products but in mobile only 10. So the api need to provide a configurable paging. Also in the desktop you might get more information than on mobile. So here if you have an entity product, in the desktop you will get all the fields( multiple attributes for example) but for the mobile you get only the name and one attribute (for example the price) to minimize the payload size.
So the API need to be generic but give clients possibility to use it based on their needs.
I have an app where people login to our site, search for FB groups based on keyword, and then download a text file of UIDs (generated by the API, not by scraping), for the purpose of creating a custom audience in the Power Editor and uploading it back.
Is that allowed?
It is okay to do so, as long as it is strictly for the functionality for your app and your users that will be downloading the lists of ids have agreed to keep them confidential. These are the specific items from the Facebook platform policy which address what you cannot do with user ids:
II
6) You will not directly or indirectly transfer any data you receive from
us, including user data or Facebook User IDs, to (or use such data in
connection with) any ad network, ad exchange, data broker, or other
advertising or monetization related toolset, even if a user consents
to such transfer or use. By indirectly we mean you cannot, for
example, transfer data to a third party who then transfers the data to
an ad network. By any data we mean all data obtained through use of
the Facebook Platform (API, Social Plugins, etc.), including
aggregate, anonymous or derivative data.
7) User IDs for any purpose outside your application (e.g., your
infrastructure, code, or services necessary to build and run your
application). Facebook User IDs may be used with external services
that you use to build and run your application, such as a web
infrastructure service or a distributed computing platform, but only
if those services are necessary to running your application and the
service has a contractual obligation with you to keep Facebook User
IDs confidential.
Make sure that your app doesn't break either of those rules or any other rule in the Platform Policy.
I am using Facebook Graph API. To set it up, I need to fill out the App Setting on developer.facebook.com.
I need to specify two URLs, one for local testing (localhost:3000), and another for live app. How should I do this?
Thank you.
I need to specify two URLs, one for local testing (localhost:3000), and another for live app. How should I do this?
That’s not possible – at least not if you want to use Facebook login.
You have two options:
Set up a second app for testing. This works quite well, as long as it does not come to things like Open Graph actions which need to be approved by FB and are tied to the app they were are proved for.
Set your local test environment up to be accessible from your local computer by the domain name used for the live site. F.e. when using Apache as webserver, by setting up a corresponding VirtualHost and manipulate your local DNS into resolving the domain to your local IP (via hosts file under windows). Also since your live app will most likely use port :80, you should set up your local server to answer to HTTP requests on that port.
we are looking into implementing Facebook Connect on our wiki service, http://www.wikidot.com. User-created sites span the *.wikidot.com domain, but also custom domains (like mine http://michalf.me), all handled by our single service.
We have a centralized account system. Users always log in (and create accounts) at www.wikidot.com and they are automatically logged in in all subdomains (cookie domain set to .wikidot.com - easy) and custom domains (automatically, via a series of redirects).
We would like to add FC into our login flow. Now, it would be great to get some clarification about FC Terms, which suggests using one App ID for every domain. In our case however user-created sites are not separate applications.
So, is it OK to use FC on one centralized website where our users log in (on www.wikidot.com) and expand user status on other domains connected to our service? This is how it works right now, without FC.
It would be great if we could get clarification from someone from FB to make sure we will not be violating any terms or policies.
Thanks!
It isn't possible (as far as I know anyway) to use the same app ID on multiple domains. FB allows use across subdomains, but I have found some difficultly with this even at times with the cookies. When you set up an app, you are asked to provide the domain for it. The domain you put here is the only domain that your app will work for. If your users are only ever signing in on wikidot.com, then I suppose you can use what you have already to move those sessions onto the other domains, but once you are on the other domain, you won't be able to use any of the facebook api features; any requests you make will fail.
I think the 'one app id for every domain' condition is more to target people who are trying to use multiple app ids for one domain. I think so long as you aren't transferring any data about the user to different domains/adverts etc, you should be ok. Essentially what you are doing is adding FB connect to your wikidot site, then a separate feature of wikidot is to keep you logged in on other partner sites?
A requirement to use the RPXNow is to set your Facebook application's connect url to http://mydomain.rpxnow.com.
I was just trying to implement Facebook's Open Graph and I see that it tells you to set the Base Domain to the domain that will contain the app_id.
However, Facebook does not allow these two domains to look different. When I try to set the base url to mydomain.com, I get this error:
Validation failed.
Base Domain is not valid. Connect URL must be derived from your Base Domain.
Should I create two apps - one for use with RPXNow, and another for use with Open Graph? If not, what should I do?
Thanks
The Facebook page regarding Base Domains you linked to states the following:
Facebook Connect stores user credentials in cookies on your application's domain. By default, a cookie set on chicago.citysearch.com would not be readable on sanfrancisco.citysearch.com - the browser treats them as separate domains. If the base domain is set, then Facebook will intentionally set the cookies on the base domain, thus making the cookies readable across multiple subdomains. This allows you to share one authentication session across multiple subdomains.
Note: There is no way to share a cookie across multiple domains. So, for example, if you have a site cnet.com and news.com, then there is no way to make the browser send the same cookies to both those domains. Each of these would require separate API key and separate authentication.
Since your domain and rpxnow.com are different base domains, it seems like you'd need a custom realm (eg. login.yourdomain.com), which is offered from RPXNow at additional cost. You'd probably have to upgrade to "Pro" account (~$95/mo+ ?) or contact RPXNow / Janrain directly and ask them your options.