We have web application with keycloak as identity broker, google SAML app as IDP for google managed workspace for domain say mycompany.com. Integration works fine for except a case described below.
If user is logged in with only one non SAML app google account, google returns
403 Error: app_not_configured_for_user.
i.e. If I am logged as with my personal gmail acccount & not with mycompany.com account
I have inspected SAML AuthnRequest payload SAML tracer which has ForceAuthn="true" but still it does not show up account chooser page.
I went through couple of stackoverflow threads. Few provided solution about using account chooser url and redirecting it to auth page https://accounts.google.com/accountchooser?continue={theredirectURL}.
Looking at community to help suggesting clean solution.
This error pretty much depends on which account is the primary one in the Google account chooser as it always takes that to complete the sign in process automatically.
There is no official way or setting from Google to do this, however the mosto commonly used workaround is to add the following URL to the Start URL section of the SAML app settings for it to force the authentication whenever you click on it.
https://accounts.google.com/AccountChooser?continue=https://accounts.google.com/o/saml2/initsso?idpid=[REPLACE]s&spid=[REPLACE]&forceauthn=false
There are 2 parameters that you need to replace in that URL and you need to get them from the Google apps menu next to your profile picture, then hover over the SAML app that you want to change and right click on it, then copy the link address and that will show the idpid and spid values.
I am new to facebook app. I have just purchased one domain and trying to integrate facebook login with my website. My website is with SSL. I have purchased SSL even. But when I try to add domain in App Platform it gives me error as "This url has been identified as malicious and/or abusive".
I am not able to understand how this is possible. Is there any way out to remove this error or to contact facebook for same.
Solution according to: https://www.forbes.com/sites/caroltice/2013/03/15/when-facebook-calls-you-abusive-reclaim-your-reputation/
First go to: https://global.sitesafety.trendmicro.com/
and check if your URL appears as non safe or as Untested
Click on reclassify --> url reclassification request
Then select the option SAFE
Suggest a category
Add your email
click the button to proceed, then go to yuour email and click the link that trendmicro sent to you, then wait
other links: https://global.sitesafety.trendmicro.com/index.php
https://www.trendmicro.com/en_us/about/legal/detection-reevaluation.html
Website name and details should follow all the terms and conditions of Facebook.
Preamble:
I'm not a Facebook user, I never had any Facebook account, so I'm not familiar at all with the Facebook website.
I need to create a Facebook App
Today I need to implement "Facebook Connect" (authentication) for the website of a client. I'm using an existing extension which requires me to enter my App ID and Secret key, which can be obtained by creating a Facebook App.
1: Where to get started?
According to both the Facebook Documentation and the extension I'm using, a Facebook App can be created by going to the following URL: https://developers.facebook.com/apps/
2: Account required
When I go to that URL I am asked to login. Very well, so I go ahead and create my very first Facebook Account. On the registration form it says that if the account is created for a business then I don't need to enter my personal name. This account is not for me but for my client's website, and my client being a business, I go on and open a business account.
3: Account verification
To complete, I am required to verify my email address, which I do successfully. After that, it asked me to verify my personal phone number, which I do successfully.
4: Account created & verified: still can't access the App Creation page
Now, I finally have a Facebook Business Account. I go again to that same URL to create a Facebook App: https://developers.facebook.com/apps/. However, I still can't access the page as according to the Facebook Documentation it seems that I need to convert my account to a "Developer Account".
5: Developer Account required
Very well, I follow the process of converting my account to a Developer Account, provide all kind of information about me and the company hiring me, and finally, I now have a Developer Account, yeey!!
6: Second attempt
Ok, now it should certainly work and I will FINALLY be able to create this dawn app to start implementing Facebook Connect on my client's website!
Double checking that the URL is the correct one from the documentation of the plugin, and also from the Facebook Documentation itself, I go ahead and refresh this page: https://developers.facebook.com/apps/
7: Still fail: now getting redirected to Facebook Advertising
But now, when loading the above URL, I am automatically redirected to the following page: https://www.facebook.com/advertising
I have tried to log-out, erase all my cookies, login again, but nothing will do, when I go to https://developers.facebook.com/apps/ I am always redirected to https://www.facebook.com/advertising which is about creating ads but what I need is to create an app!
8: Personal Account required
I searched all over the place for an explanation or maybe for a newer URL, but no luck. I finally found on StackOverflow (Can't access Facebook Developers App!!?! Redirected to my page repeatedly) that I can't create a Facebook App with a Business Account, and that I need a Personal Account instead.
9: Personal Account creation
Very well, I go ahead and create my very first personal account on Facebook.
10: Can't create a personal account, email and phone already used!
Oops, it says that my email was already used for another account. Hmmm OK so I go ahead and create a new email address especially, and then try to register a personal account again. Now it is asking to verify my phone number, which I do, but unfortunately it says that my phone number was already used to verify another account earlier today!
Dawn, I'm really starting to feel exhausted by Facebook. Let's think about a solution. I have only one phone number, and I wouldn't use the phone of a friend as they all have Facebook and all probably verified their own accounts using their phones.
11: Deleting my Business Account created earlier
Solution founds! I will delete my business account, so my real email and my phone number will be available again! Yeey!!!
12: Facebook won't delete my account today
A few minutes later, I understand that my Facebook Account cannot be deleted today. I can deactivate it. But this won't free my email nor my phone number. After some research on the web I found a hidden form that allows to really delete my account. I go ahead through the deletion process, enter my password about 10 times, and fill 10 really hard CAPTCHAS, and finally my account is deleted! Oh wait... it says it won't be deleted before 2 weeks!!!
13: Final attempt: fail again
Anyway, I still try to use my phone number again to create a personal account, but still no luck, Facebook won't let me use my own phone number to activate my account.
What are my options?
Have you looked at all into dummy phone numbers, such as with Google voice (free) or with Skype (nominal fee)? Some sites, such as Craigslist, can sniff those numbers out and still not allow them to be used for verifying, but others can't tell the difference. Could be useful.
Depending on how big your client's budget is, maybe grab a throwaway prepaid phone from the store and use it. Just a few thoughts on how to avoid the phone issue. Everything else seems straightforward after that.
Building an app on Facebook gives you the opportunity to deeply integrate into the core Facebook experience. Your app can integrate with many aspects of Facebook.com, including the News Feed and Notifications. All of the core Facebook Platform technologies, such as Social Plugins, the Graph API and Platform Dialogs are available to Apps on Facebook.
In this document we will explain the following concepts:
Canvas Page: The Page in which your app is loaded.
Social Channels: The key channels that help you grow your user base and re-engage existing users.
Analytics: Accessing analytics for your application.
If you wish to start building an App on Facebook now, please refer to our getting started tutorial. If you want to build an app to add to the tab of a Facebook Page then you should refer to Page Tabs.
Visit this site
https://developers.facebook.com/docs/guides/canvas/
Currently I have used the sandbox App Id and test credentials successfully to make API calls, however now I would like to switch to the live version. I looked at the check list and believe I switched out all the sandbox information to live credentials. However the last thing I need to switch out is the APP - ID. I created an App which has the status of "approved" in paypal developer however I'm not sure where to get the App - ID for it. In addition, should I be seeing the app in the Manage Classic Apps? I see it in My Apps on the developer page, but not in that section. Thank you very much for the help.
Select My Account > Profile > My Selling Tools, then click the Update (API Access) link
Click Request API Credentials on the API Access page
Select Request API signature and click Agree and Submit to generate a set of Signature credentials
More information can be found at: https://developer.paypal.com/webapps/developer/docs/classic/api/apiCredentials/
EDIT:
You will need to use the classic api to obtain an APP-ID. The new API does not use APP-ID's, but instead client ID's which are extremely different.
We are developing a hybrid mobile app (code is written in HTML and runs on browser shell as a native app on the device). We need to authenticate the user against an external security manager. I've seen the Gmail App in iPhone which opens a browser to authenticate the user. We are also looking to do something of that sort. We just need to gather your thoughts on how authentication can be done with some external security manager in a mobile app.
Also I noticed that Dailymotion website was able to know if the user is authenticated with Facebook. This looks like a cross domain authentication.
Can you please share your thoughts on how Google and others have implemented it?
What you are looking for is OAuth and OpenID services to federate your login. Depending on the architecture of your system you can implement whichever one you like or even a hybrid of both.
Take a look at this link: Federated Login for Google Accounts
It provides all the useful information you need.
Hmm this question seems old but in case you haven't found an answer here's how I did it with my hybrid apps :
open url on client side with the provider's (facebook/twitter/instagram) url for login
the user logs in and is redirected to the server's callback url (my server is written in nodejs)
once I've got the access token from the provider. I save this token and then create a token for the client to reuse every time the user wants to access a protected ressource.
Download the apk and test it.
If this is what you're looking for you can checkout both the client side code at : https://github.com/malikov/Authenticate.me-client-cordova-ionic
And the server side code at : https://github.com/malikov/Authenticate.me-Node-Server
Cheers