I am developing a web app with Facebook integration and I can't figure out why I can't test the login function locally. I have looked through the answers here (How to Test Facebook Connect Locally) and have tried to follow the steps of having the app in test mode, setting the site URL and the domain.
Based on FBs documentation here: https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/
I should be able to use http for localhost development, but I get the error
The method FB.api can no longer be called from http pages. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/
and can't log in. Below are pictures of my app settings (including an indication it is an app in 'test mode').
So this is really only a half answer, but it seemed easier for me to just force https for my local development using mkcert (https://github.com/FiloSottile/mkcert). After creating local certs I updated my site URL to say https://localhost:8080 and I am able to log in without issue.
I've created a webapplication, hosted in an Azure App Service. The App Service is secured using Azure AD Authentication with login required.
When trying to load this page in a Personal App, the page tries to redirect to login.microsoftonline.com which is not able to show the page in an iFrame.
When switched to Developer preview the application is shown, passing the login using the currently signed in user.
Is there an ETA on enabling this behavior on the "non-developer preview" client?
Or is there another way to achieve this?
PS: I'm aware of the SSO javascript API, but this does require anonymous access to the application executing the JS calls. Unless I'm missing something? :)
I am developing a website which uses the Facebook login. Now, I want to be able to get this to work both in my production environment, as well as in my development environment.
On Facebook, I can give ONE site url, which Facebook can redirect to. This worked great during my development phase, but now I want it both to work in production, but also while developing my solution.
I guess one way would be to run my application on the local IIS with my domain-navn and change my hosts file, but that can't seriously be the most easy solution!?
- What is the easiest way to get it to work in both environments?
Update: As of 2018 the path to this setting is now Products > Facebook Login > Settings > Client OAuth Settings the rest of this answer is still valid.
There is a better way. You just need to add valid callback URL's for your localhost to Settings > Advanced > OAuth Settings.
This method allows you still have your production website URL while allowing oauth from dev, staging, production, etc.
After I have worked with this for ~6 months, I have found a solution which works really well, based on the other two answers.
In Facebook I add two apps:
Production app
Dev app
Then, in my web.config app settings I have:
<!--Prod-->
<add key="_FacebookApiId" value="id"/>
<add key="_FacebookApiSecretId" value="secret_id"/>
<!--Dev-->
<add key="FacebookApiId" value="dev_id"/>
<add key="FacebookApiSecretId" value="dev_secret_id"/>
Which of course is read through a helper-class.
Then it works seamlessly on both production and localhost, and both myself and my team is happy.
I have the same problem.
The only solutions I have found are:
yes... edit the host file on your local machine: How to Test Facebook Connect Locally
create another Facebook app only for development purposes: Facebook Oauth on localhost for testing during development (the blog is about Rails but the solution to use different apps depending on the environment is still valid for other languages)
Facebook only allows localhost OAuth redirects when your app is in development mode. This means you can't run your application in production and perform local development tests.
Instead, you need to create a test variant of your app. Head to https://developers.facebook.com and view the dashboard for your production application. Click the drop-down menu at the top-left and choose Create Test App.
This populates a test application with almost the same settings as your production app. However, it gives you a new app ID and app secret, so you'll need to toggle these settings when running in development mode (as other answers suggest).
Here's some further info on test apps: https://developers.facebook.com/docs/apps/test-apps/
Following the advice in this answer, it will work if set the Mobile URL to be your development domain (ie. localhost) and the Site URL to be your production domain.
The updated way.
In the App Dashboard, choose your app and go to Products > Facebook
Login > Settings. Under the Client OAuth Settings, enter your redirect
URL in the Valid OAuth redirect URIs field for successful
authorization.
Go to https://developers.facebook.com/docs/facebook-login/web for more info.
We run a per developer development environment with each developer workstation ssh tunnelled out from our office to the public internet so we can test integration with Facebook canvas apps and facebook callbacks to our urls.
How can we limit access to this environment so Facebook servers can access our servers, cross domain authentication will work for our developers, but no random members of the public can stumble upon our development servers?
Currently the Facebook IP range is unknown, so we don't know where our open graph callbacks are coming from.
You can sandbox your application.
That way only administrators & developers of the application can interact & see the application.
You can make a change to your Facebook application to sandbox mode going to: https://developers.facebook.com/apps
In Edit settings page of the current application you choose Settings->Advanced->Sandbox Mode.
Is it possible to develop facebook using google app engine locally, without having to upload application every time I change it?
I assume you are getting API error 191 when you try to access the Facebook API from the dev appserver?
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
If you are developing on your localhost, you can set the 'Site Domain' field in your facebook app settings to (appname).appspot.com and then edit the HOSTS file on your system.
In my environment I just entered:
127.0.0.1 devlocal.(appname).appspot.com
As long as the browser's URL matches *.(appname).appspot.com, it will work.
You could set the Website field in your Facebook app settings to http://localhost:XXXX or http://127.0.0.1:XXXX for development and then change it over to the actual once ready for deployment. This worked well for me.
I ran into this issue a couple years ago and wrote a long article about how I solved it for my needs.
http://www.upwithabang.com/articles/GAE-facebook-win7.html
It covers the setting up of an Apache server on your laptop then telling Facebook and the GAE to behave as if it hosted on a production server. This solves the pain of constant uploads for testing every little change.
Hopefully this is helpful to someone, if not a little late.