How can I make a Facebook app that doesn't require users to log in/authorize my app? Is it even possible for canvas apps?
The conversion in auth dialog is quite poor (39%) for my app, even though I ask for the basic information only. Hence the question.
Thanks for advice!
There are no special actions necessary to run a canvas app in Facebook without authentication. Simply set the Canvas URL and Secure Canvas URL in your app's settings (https://developers.facebook.com/apps/<app_id>/summary) and it should just work.
Keep in mind that you cannot access any of the useful functionality Facebook offers if you forego authentication. You'll be missing out on:
The Invite Friends dialog
Creating notifications
Retrieving a user's friend list and information
Etc.
In fact, if you're not leveraging any of the available functionality Facebook provides, there's no sense in even creating a canvas app. You might as well enjoy the benefits of using the entire window for your application and host it standalone.
It all depends upon what you're doing with your app.
If you app uses features that requires login, then yes, you will need to get each user to log in.
If your app doesn't use features of the API that require login, then don't use it.
There's many social plugins that can accomplish a lot of what many people look for and most all of them don't require a login.
Related
I have more than few clients that would like to add facebook connect to their landing pages (managed by me). They are too many and not enough tech-savvy to manually create ad appid for each of them.
So my only solution is to usa my own appid to add facebook connect to all my clients websites, but as far as I know, Facebook doesn't allow to simply use the same appid on any domain.
How can I solve this? I can't find any documentation to solve my issue. Does anyone have a direction for me?
This has been discussed a couple o’ times before already – but I mostly commented on earlier questions, so let me write the whole thing up as a proper answer, for future reference.
[paraphrased] Multiple-client Facebook login via one single app id
Does anyone have a direction for me?
You probably rather don’t want to do that.
It is not really possible to run one simple app one multiple different domains.
As a workaround for only a few domains, people used to specify different domains for the different platforms – Website, Page Tab or Canvas App, plus Mobile alternative for Canvas – without actually using any of those platforms besides Website, which made the app usable on multiple domains as a website app. But since Facebook introduced their login/permission review process¹, you can’t do that any more – they expect you to present actual functionality on all platforms you have configured in your app.
You can kind-off use one single app for login on multiple domains – if you are willing to use only the server-side login flow, and to redirect users to one “main” domain (that gets specified as the app domain in the app settings) to login, and then from there back to the origin domain.
But this has several drawbacks:
It’s not what you’d call a “white label” solution. If your clients expect it to look as if users where logging in via “their” app, it should stay on their domain. Individual branding, in regard to stuff such as app name, app logo that shows in the login dialog, etc., would also not be possible. Additionally, app attribution – the link that shows up under content shared/posted via the app – would only link users back to the main domain, and not to your customer’s.
You would not be able to use the JS SDK for client-side API requests, or even just to embed it to render any of the FB social plugins that require an app id – the SDK checks what domain it is “running on”, and can not be tricked to accept a domain that is not specified in the app settings.
There could be privacy issues. An over-exaggerated example: Just because I as the app user decided to share my photos or videos I have on Facebook with your customer Our-Holy-Mother-of-Christ-Bakery.com, does not necessarily mean I want to share them with your other customer, amateurs-doing-all-kinds-of-nasty-stuff.xxx as well – but if they shared an app id for login purposes, I automatically would. Have fun writin’ the Privacy Policy (which is mandatory if you use FB login functionality, and FB also automatically checks if your app has got one) for that scenario ;-)
Finally, and most importantly: All your customers would be “sitting in the same boat.” If one of them, or in turn their website users, would publish spam via your app id, so that Facebook blocks it, login would not work any more for all of your customer’s websites. And if you decide only then, that setting up an individual app for each of your customers would be the better way to go, they would not be able to recognize their existing users any more, because of user ids being app-scoped since API v2.0 was introduced – so if users logged into this new app, that app would see a totally different user id. (And to rely on an email address as an identifier is risky, too, because you will not get one from the API for every user; for example if they registered using their mobile device.)
Edit: Plus, app/domain insights, as luschn mentioned in his answer.
¹ Yes, the review process has made it more laborious to set up multiple apps for multiple clients. But for apps that do the same stuff/use the same permissions in the same manner, you can refer to an earlier successfully reviewed app id to speed up the process a little. Also, screenshots of how f.e. posts made via the app look on timeline, and what UI components are used, as well as screencasts that you include in your submission could probably be used with little to no alteration.
Apps are not meant be used on several different domains, you will have to create a new App for each domain, i´m afraid. You can use the different platforms in the App settings to use different domains, but there are only a few so it´s pointless. Just create some screenshots and a tutorial for your clients, that´s how it is usually done.
Btw, it would be weird to authorize an App on a website, and the same App would allow you to be authorized on all other client websites. Also, insights are per App, so your clients may want to see their own insights and not the global insights of all domains together.
Many is not defined but i think for being a smart developer you need to create new app_ids for every project you need to use facebook connect. Just my opinion. It also allows you to monitor alot of stuff.
Is it possible to submit my 3D WebGL HTML5 / Facebook Canvas app to the App Center, even though it does not use the Facebook API? It isn't integrated with Facebook in any way, other than, being embedded in..
https://apps.facebook.com/flappy-wheels/
..from a Dropbox-hosted URL, if that even counts as a technical "Facebook integration" - which I doubt, as no API usage or Facebook signup or login required to even play it.
I keep on trying to submit it for App Center review but it insists to think I'm using the FB API when I'm not. Does this mean usage of the FB API is absolutely required for App Center submission? What if I dont want my app logging in to people's Facebook accounts? What if I don't want it accessing their personal information, or posting for them, or any of that jank? What if I just want it to be a game to simply be played embedded in a FB app URL, with no actual FB integration or interaction? Can that not be put on the App Center?
It thinks I need 3 permissions, one of which is logging in to people's accounts, I think these 3 permissions are put there in settings by default, how do I removed those permissions from my app settings, as those permissions listed aren't being used in my game, as it isn't using any FB permissions?
A smaller question on the side, what is the "tagline"? Like, it is the keywords / searchable tags, right? I'm used to them being called just "tags" and not a "tagline" so just to be sure I know what it is.
Thank you so much for any help or suggestions!
Yes you can always submit the html5 game on facebook canvas but for App Centre listing its necessary. Also using dropbox, github hosted sited will have less server resources allocted to them and hence high load time - i recommend to use any other hosting services out their, but remember https is a must.
Tagline is like a punch line for any product just go on the same theme.
I have an packaged app in the Chrome Web Store that I'd like to transition from a paid app to a free one with in app purchases. I need to be able to detect if the current user had paid for the app previously.
To be able to use the licensing API, I need the current user's OpenID URL. I was able to get this to work using chrome.identity and a popup dialog that the user has to authorize. But it is a bad experience and kind of a scary dialog.
For hosted apps, it's possible to get the user's OpenID URL without any user interaction or authorization. (see How to skip the OpenID approval screen). It would be fantastic if somebody knows how to make this work without user interaction for packaged apps.
I've detailed some of the approaches I've tried on this chromium-apps thread. I suspect it may be possible to do this with chrome.identity.launchWebAuthFlow but I wasn't able to discover the exact incantation of parameters to google's oauth/openid endpoints to make this happen silently.
I think you need to refer to this Link1 Parameters
this parameters are different techniques using that you can do this task..
also To bypass the Login/approval screen refer this link2
Here in the section How to skip the OpenID approval screen the details are explained which you can use..
And In case of packaged app this should ask for permanent permission that will help in OAuth throughout the life of app..
Client Library JavaScript Based
Authentication using Library
After your comment I thought this you can bind in your app.!!
Let me know what works for you..
This is a first time I am trying to make a facebook application/game, and I have couple of questions.
Let's say canvas url is http://mysite/first_app/ and facebook app url is https://apps.facebook.com/first_app
I wonder if visited both url-s should a functionality be the same? I mean does facebook give you more tools and freedom if navigated from https://apps.facebook.com/first_app? Or should both url-s look and do the same thing? Is it possible?
I wonder if visited both urls should a functionality be the same
Of course yes. The difference is just that one is deployed at the facebook's app center and the other at your domain.
Yes, you have more tools available in the canvas ("apps.facebook.com.."), as it will send you the user-id without any user consent. Has the user previously used your app, you will also be able to get their accesstoken and fetch more info about them.
It requires some backend code to decode the signed request parameter, which provides you this stuff.
This example is how php handles signed request:
https://developers.facebook.com/docs/facebook-login/using-login-with-games/
If you're using C#, download the Facebook C# (available through NuGet, the package from Outercurve Foundation) and use this example:
How do I parse a signed request in Facebook C# SDK?
I try to handle the user in Facebook context whenever possible. It adds trust and more tools. Although since the Facebook phone/tablet app (App Store/Google Play) doesn't support Facebook apps at all, I often optimize the app for mobile web use also. I read somewhere that over 50% of daily Facebook visists are done using the phone app, so it might be something to think into your app while developing.
UPDATE:
I can see I have misunderstood part of signed request, as commented by Shadowfax and CBroe. In my app, I use the user id from signed request but of course only when the user has already logged on to the app beforehand. My apologies.
I want to develop an online application and I am considering EITHER building a website with community features built in or building ONLY a facebook app. I was wondering if other people have had to make the same decision and what things I will need to consider.
The website I want to build will be an educational portal where people can make and take tests online
I disagree with some of the other answers here. There is a huge difference between a) trying to advertise a new place on the web and b) trying to advertise a new functionality of an existing place. Even if this new website would offer a very tight integration with Facebook and some other social platforms. Keep in mind: facebook users really don't like to leave facebook, no matter what the reason would be. That's why the click-through rate for the advertisements is so embarrassingly poor: http://en.wikipedia.org/wiki/Facebook#Company
That said you can of course always do both: build a website and offer the same functionality through a facebook app. However my opinion here is that if you're application only offers its users a single functionality, you'll be better off just doing the latter.
What exactly is the advantage you expect by creating a Facebook-ONLY-App for that?
If it's only about taking tests you can still build a "normal" portal and include some of the Facebook-functionality through the JavaScript-SDK, like posting to the wall, Single-Sign-On, find your friends and so on. This way the user still has the choice if he wants to connect with Facebook or not. This way you also don't minimize your userbase to Facebook-users
(yeah I know, "everyone" has Facebook these days... ;) Still not everyone wants it to be connected to every single site he's using through Facebook)
Considering this comment:
Well I guess its easier for people to recommend my app if it is a facebook app, is the main reason I want to know if facebook is a good option – Zubair Mar 3 at 14:51
Build a website and then add the Facebook 'like' button. See: http://developers.facebook.com/docs/guides/web/#plugins
You should put a Twitter button as well:
http://twitter.com/about/resources/tweetbutton
In my opinion you have to develop both. First develop you website. Although facebook is having millions of users But in my opinion you cannot implement every thing as freely as you can in your web application than facebook application. You should have a website and a page on facebook. You can integrate other facebook social plugins on your website to interact with facebook.
From monitization point of it is easy for new users on website than application on facebook. Other reason website especially related to educational purposes have a huge click through rate which you cannot find on facebook application advertiser.
What is the goal of the website?
If its to make money dont do a facebook app, you have far more control of your site by designing it entirely yourself.
If you want social networking features there are plenty of APIs you can tie in to which will provide you with functionality and allow you to link into facebook / twitter etc.
A website would look more professional, it would allow you to gather statistics on unique hits, revisits etc, having your own database of users means you can gather information and market your site more specifically ( which users took which tests).
A website also allows you to monetize it by adding advertisement if that is your goal, and you can gain search engine rankings.
If you want to get publicity for your website you can use facebook by creating a group / page for the site and promoting it that way.
Also your own website wont leave you vulnerable to changes in Facebook, what if you put in all this work and in a year the terms change and a portion of your app is now in violation of the terms. What if you want to add X feature and facebook wont allow it?
Basically your site = 100% in your controll, thats a big advantage to you. With facebook you loose that advantage but maybe gain a little in being able to use more of their features. Personally id always go for my own site.
You should go for the website first, then add the social elements in the website.
Like you can enable users to login using there facebook credentials. Like/share Button.
And later on, you can also go for the facebook app, when you want to shoot for much much more traffic. Therefore, whenever you think that you have figured out what exactly you want out of your application then only go for it, otherwise try your options with website. Because once your facebook app is up, you will get hell lot of traffic.
Let me know if you need help in creating facebook application or social elements enabled website. I have built an Facebook Easy API on top of all facebook features, which will enable you to easily access anything on facebook and meanwhile reducing your work effort.
You first build it like web app and use Graph API and FBConnect to use Facebook functionalities. Then you need to create a facebook app version also because getting facebook traffic is also required. People from facebook most like come to facebook app then to another web.
You will not need to convert it to facebook app, it will be just less in width and it would be a facebook iframe app. as I some where read that facebook is depreciating fbml and iframe app is recommended.
So now you can make both things, as I think , test app can have flexible layout so that you don't need to change width for facebook iframe. So you can both things by doing one.
thanks
i'm pretty sure many people will not agre with me, but IMHO you should focus on build a good Web-App that work well also on Mobile-Phones. keep it simple, intuitive, responsive, lightweight, cross-browser and straight to the point.
if your only concern is about "recommend your app to other people" make it SEO and Multi-Language too. google will do the rest.
then if you want make your app bold, slowly and planty of useless stuffs start to add all the facebook widget you want.
PS: i'm also on facebook, twitter,
flickr, google etc etc, i'm also
sharing photos, links and usefull
stuffs, my google rss reader is full
of links with tons of nice things, well i
have never had a minute to look at it, when i need something i just start searching google
I agree with most of the answers here—a native website is the way to go. Personally, I don't trust/like FB apps. Dunno what they do, and given the number of scammers out there and FB's lack of responsibility (IMO), I rarely if ever use an FB app.
Creating the website gives users choice about whether they want to share results/integrate with their FB wall/profile. Users don't like to be forced into something.
And in the spirit of adventure that is typical of SO, it's always more fun to build your own website than to build a template-based (sort of), boring and nearly irrelevant (drowning in a sea of other poorly made apps) FB app. But that's just my 2¢
In your case, I would do a hybrid. First, build your website, but integrate it with Facebook via connect. This way you can concentrate on building your value added services and let Facebook worry about the community.
I would also not ignore the Facebook app. Now, with iframes being fully supported on Facebook, you can adapt your existing site to work within Facebook with minimal effort, as long as you keep this requirement in mind when building your original application.