Last I saw that 'email' permission in the authentication process was part of the initial dialog (along with basic information) for all apps. However, today I noticed that for my app it shows as an additional step (like extended permissions) after the user has accepted the initial authentication. See the screenshot:
I still see other sites/apps with old-style authentication (email in the first step). I wonder if I am doing something wrong with the permissions or app settings that is causing it? This is how my LoginUrl looks like
https://www.facebook.com/dialog/oauth?client_id=[app_id]&redirect_uri=[redirect_uri]&state=[state_code]&scope=email&display=popup
In the App settings on Facebook in the 'Auth Dialog' > 'Authenticated Referrals' > 'User & Friend Permissions' I have added 'email' and 'publish_actions' permissions.
Related
I am using passport-facebook to authenticate a user via facebook. I previously had the scope [ 'public_profile', 'email' ], but recently added user_friends.
Now, all the existing users run into an interesting issue... they are forced to grant access to user_friends, unchecking it does not let them continue logging in.
Basically, if you're a new user, you can edit the permissions, public_profile being required. You can decline email/user_friends, continue, and never be asked again unless you use auth-type: "rerequest".
However, if an existing user signs in, facebook checks if all of the items in the scope have been requested (in this case user_friends has not). It then displays the dialog box with the friends permission, but hides the other 2, since they've already been asked. (see attached image).
Facebook requires the public_profile to be checked initially, but because it was already granted, it ends up requiring the user_friends permission for the existing users. Seems like this is a bug on facebook's side...
Here's a screenshot:
I'm working on a Facebook app which needs to get the user's photos. In the app dashboard, I have added user_photos to the 'User & Friend Permissions' field under the 'Permissions' section.
When I click 'Preview Login Dialog', it shows that the app will get 'Your basic info' and 'Your photos', but when I go to test the app and get the authorization dialog it says the app will get 'Your basic info' and 'Your email address'.
I have tried removing the app through my Facebook account settings (Apps) and then going back to the app, but the permissions are still incorrect. I have also had a friend test this on his computer and he's getting the same result.
The app is set up as 'App on Facebook' under 'Basic' settings. Am I missing something somewhere else?
this is due to the fact, that the permissions you enter in the "permissions" sections are only used within authenticated referrals. (un)fortunately, this functionality is going to be removed with the february breaking changes. have a look here: http://die.socialisten.at/2012/10/passive-sharing-the-end-of-authenticated-referrals-advanced-open-graph-2/
So, to put it in a nutshell: your app itself should be prompting the user this extended permission. you have to change the scope parameter of your login dialog url.
Please see attached screenshots. I've configured permissions for publish_actions (and also publish_stream) and I'm getting error message: requires extended permissions when I try to authenticate the application. What's strange is that these permissions are not requested when the user is asked to authenticate.
cheers
Paul
Permissions asked in App Settings --> Permissions --> 'Configure your permissions' section are only displayed in App Center or when using Auth Referrals. For permissions to be displayed during normal authentication flow (in permission dialog), you need to ask them using the 'scope' parameter in your code (https://developers.facebook.com/docs/reference/dialogs/oauth/). Hope that helps.
I have question regarding facebook permissions.
I'm looking to let my website users 'Login with Facebook'. I've created an app however I want the user to explicitly agree to letting my app send them emails (see image below)
I've checked the facebook developers pages (https://developers.facebook.com/docs/authentication/permissions/) and I can't seem to find a reference to the 'Send me email' permission that used to be available.
I can see it in the REST API documentation which has been deprecated but can't find it in the current documentation.
Any help on which permission to use would be much appreciated.
Thanks!
If you're setting up the permissions dialog via the Enhanced Auth Dialog (located in your app settings > Auth Dialog), simply use the 'email' permission as noted in the Facebook documentation when configuring the User and Friends Permissions section.
If you are using the sdk to prompt a permissions dialog, just add 'email' to the comma separated list.
since the new Auth Dialog from Facebook (for my App & homepage), I cannot get the dialog to show that my homepage/app needs the users email when connection to my homepage/app.
In the Auth-section of my app I've added "email" to the User & Friend Permissions. Also I've added it to the referal when someone clicks the "Login with facebook"-button.
When someone clicks the Facebook-button, he/she redirects to a page which has the PHP-code with Facebook SDK PHP (latest). Here's how I generate the send-to-url for the dialog:
$login_url = $facebook->getLoginUrl(array('req_perms' => 'email,publish_stream'));
header("Location: ".$login_url);
But when the Dialog pops up, the only permission request it does is "basic information". I need to request the Email. Am I stupid or is it a bug somehow? I've also recreated the App.
There in no req_perms parameter anymore, it's called scope in OAuth2.
Read documentation for getLoginUrl to see correct parameters.
in new dialog there are 2 kind of permissions normal permissions & extended permissions
you should install app with normal permissions at first then page will redirect automatically
for extended permissions