I used to be able to, but for some reason all my Facebook Javascript API calls using FB.ui() no longer work in my development environment where my url is localhost:8080. In production it works fine though. I have a dev environment Facebook application, but I did just change URLs around in it. I assume that's where the problem is. How do I have a Facebook application that allows FB.ui() calls from dev and production environments? This is the error I get when calling FB.UI() in dev:
An error occurred with AppleTree dev. Please try again later.
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
I always add a entry in my hosts file for something like:
127.0.0.1 dev.mydomain.com
And then set my app domain in the app settings to mydomain.com (to allow subdomains). Then access your site in your browser at http://dev.mydomain.com:8080 and FB.ui should allow the call.
Related
I am using facebook SDK. I am getting the following error:
Insecure Login Blocked: You can't get an access token or log in to this app from an insecure page. Try re-loading the page as https://
After studying I came to know that I have to set 'Enforce HTTPS' as NO under 'facebook login> Setting> '. But I can not set Enforce HTTPS as NO. Is this problem is from mine? OR I facebook restrict to use https instead of http?
enable Client OAuth Login and write "localhost:3000" in Valid OAuth Redirect URIs.
Save changes. it will automatically change to https://localhost:3000 , but it doesn't matter...
And set Status: In Development (THIS IS IMPORTANT!)
Then it will work in your http localhost.
But I can not set Enforce HTTPS as NO. Is this problem is from mine?
https://developers.facebook.com/docs/facebook-login/security:
Enforce HTTPS. This setting requires HTTPS for OAuth Redirects and pages getting access tokens with the JavaScript SDK. All new apps created as of March 2018 have this setting on by default and you should plan to migrate any existing apps to use only HTTPS URLs by March 2019.
Sounds to me, like they don’t want you to be able to even start without HTTPS, when you are creating a new app now.
Plus, Chrome has recently announced that they will mark all HTTP sites as insecure soon, from version 68 on, that will be released in July 2018. So you’re gonna have to go HTTPS rather sooner than later anyway.
The “big players” of the industry are currently pushing for this big time, whether we want it or not.
If you just enable Client OAuth Login and write just localhost:{port} to Valid OAuth Redirect URIs, it will work.
If you're developing locally with create-react-app, a quick solution is to add
HTTPS=true
to your .env file and just comment it out when you're not testing Facebook login.
It seems like Business apps do not have app modes and instead rely exclusively on access levels. Because of this, you can't set the app to the "Development mode".
All newly created apps start out in Development mode and you should avoid changing it until you have completed all development and testing.
https://developers.facebook.com/docs/development/build-and-test/
https://developers.facebook.com/docs/development/build-and-test/app-modes
However, if you wanna try out your app in a localhost, you need to create a test app, like you can check out in this thread:
How to fix 'Facebook has detected MyApp isn't using a secure connection to transfer information.' error in Laravel
I'm running Win Web Server 2008 R2.
I've got a site setup for development which I access on my test machine like this http://bossingway/
I'm trying to put the facebook login on this using their standard code they provide. I haven't added anything.
I've added http://bossingway/ to the SiteURL and it says the URL contains an invalid domain.
I've also tried adding it to Valid OAuth redirect URIs.
I keep getting the Given URL is not allowed by the Application configuration error from Facebook.
How do I get it to work on my testing server.
Looks like you're missing the top level domain, if your top level domain is '.com' for example, then you need to add 'http://bossingway.com'
I am trying to build an application on my local machine using Twitter's OAuth 1.1 API and Facebooks SDK v4 both for PHP.
Both of these mechanisms redirect the user to prompt for permission and redirect back to website. I can get both working but they will not work under the same local url.
I set everything up for Facebook on localhost without any issues but twitter (staggeringly) does not allow using localhost (see here How to test the twitter API locally?). So instead I set up a virtual host using my Mac based MAMP installation and added that url to both Twitter and Facebook applications. Now Facebook does not allow me to use my virtual host. When the prompt for permissions happens and Facebook redirects back to my site, when I try and retrieve the session using getSessionFromRedirect() it returns NULL. This does not happen if I run the same code using localhost.
I have tried using 127.0.0.1 but Facebook does not allow this either (error is invalid because it is a Facebook url!), but Twitter does!?!
Has anyone else had any problems with this or does anyone have any pointers that would help me to test both of these on the same deployment.
Many thanks in advance.
I'm developing a website that is going to use Facebook authentication.
I'm using GWT and it works fine when I run the code compiled, but when I'm running the development it does not work.
The problem is when I'm trying to retrieve the access_token from Facebook.
I'm receiving the error below:
"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100}"
Obviously, the redirect_uri is identical as the login url one.
I found out (by this topic) that the problem is the last part of the url "?gwt.codesvr=127.0.0.1:9997".
How can I solve this? or how can I manage to use the GWT development mode with this problem?
Thanks,
Normally this is due to the url verification FB does.
When you register a new app in FB you have to configure the set of domains (App Domains) authorized to use the FB login form.
Unfortunately you cannot set 127.0.0.1 nor localhost as a valid domain, so you cannot use GWT dev-mode unless you configure a hostname in your domain pointing to your localhost.
If you set mydomain.com as a valid App Domain in your FB application, configure localhost.mydomain.com pointing to 127.0.0.1 in your local hosts file or in your DNS server. Then use http://localhost.mydomain.com:8888/myapp.html?gwt.codesvr=localhost.mydomain.com:9997 to run dev mode in your browser.
I found out the problem.
By encoding only the gwt.codesvr value it works.
However, using php urlencode function on it did not work, I had to encode it myself.
The gwt dev param ended like this "?gwt.codesvr=127.0.0.1%3A9997"
I've scoured SO and googed all over the place, and I'm still stuck. I feel a little ridiculous, but I've been banging my head against this wall for a few hours.
Here are my FB app settings:
App Domain: name.local
Site URL: http://name.local:4000
I'm running a local web server and have a web application up and running.
Authentication works (which seems odd because my redirect_url is the same in both the authentication URL and the dialog/feed URL)
name.local is in my /etc/hosts file and points to 127.0.0.1.
I'm running on port 4000.
This URL doesn't work:
https://www.facebook.com/dialog/feed?client_id=nnnnnn&redirect_uri=http%3A%2F%2Fname.local%3A4000&name=aname&caption=acaption&description=descr&show_error=true
I get this error message:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
I'm using test users (created using the FB test user API).
I've checked that my Site URL and redirect URL are in unison about a million times.
Any idea what I'm doing wrong?
Site url and app url must be shame .
app url should not contain protocol information .
site url should contain protocol
I love computers, they do exactly what you tell them to :)
I had to use app_id instead of client_id (that's what I get for copying and pasting from my authorization code).