I have a PHP iFrame application that needs to clean up data when it is uninstalled from the user's fan page. Is there a URL callback which happens when the application is uninstalled?
App Deauthorization
When a user of your app removes it in
the App Dashboard or blocks the app in
the News Feed, your app can be
notified by specifying a Deauthorize
Callback URL in the Developer App.
During app removal we will send an
HTTP POST request containing a single
parameter, signed_request, which
contains the user id (UID) of the user
that just removed your app. You will
not receive an user access token in
this request and all existing user
access tokens will be automatically
expired.
Related
I have an application on Facebook and I want to remove user's data from my server when he/she removes my application from here. I was looking for such api on Facebook Technical Documentation but I did not find anything.
Facebook can send your app a notification when a user removes the app, it's called the Deauthorization Callback and sends you the user ID so you know the user removed your app
I was thinking about some callback function which facebook could call when user is removing application from his account. Any ideas ?
Check the "Deauthorize Callback" option from the Settings > Advanced menu.
From Facebook docs:
App Deauthorization
When a user of your app removes it in the App Dashboard or blocks the
app in the News Feed, your app can be notified by specifying a
Deauthorize Callback URL in the Developer App. During app removal we
will send an HTTP POST request containing a single parameter,
signed_request, which contains the user id (UID) of the user that just
removed your app. You will not receive an user access token in this
request and all existing user access tokens will be automatically
expired.
if the Facebook user remove my application? how can i get event when he do that? is that doable?
https://developers.facebook.com/apps/[your-app-id]/advanced
Look for: Deauthorize Callback:
From http://developers.facebook.com/docs/authentication/ about 60% down under "App Deauthorization".
When a user of your app removes it in the App Dashboard or blocks the
app in the News Feed, your app can be notified by specifying a
Deauthorize Callback URL in the Developer App. During app removal we
will send an HTTP POST request containing a single parameter,
signed_request, which contains the user id (UID) of the user that just
removed your app. You will not receive an user access token in this
request and all existing user access tokens will be automatically
expired.
The instructions on using Single Sign-On (SSO) with the Facebook IOS SDK are to save the access token and expiration date in fbDidLogin and use them on subsequent calls to avoid unnecessary logins.
But what if the user logs out of Facebook outside the app (e.g. in the Facebook app or in Safari)? The app doesn't know about this, so it tries to use the saved token and expiration date, and to my surprise - they are still valid and the app can access the user's data even though the user has logged out.
Any way around this?
no, there is no way to do this. each FB login a user makes is specific to the client they logged in with. A FB login is not universal across all clients. The FB token you get from the SDK is a token for that user with your app. So if a user logs out of FB in their browser or another app, they have not logged of FB from your app so the token will remain valid until it expires or the app or user explicitly logs out from the context of your app.
Not sure why you are concerned about this. Generally you would want your users to remain logged in. If you have a reason you don't want this don't request "offline_access" permission when you authorize a FB user and you can also logout and de-authorize the user via the FB API based on whatever criteria you deem appropriate.
I am a little confused with the Facebook call back URL. I am building a iPhone application with Facebook login. So I will receive the access token from Facebook after the user logged in. Then I save this access token to my local (server side) DB. After that I want to use this access token to sent for example a post via C#.
What should I define for the callback URL? What is the importance of this?
The callback url is used to provide fast app switching, that is, the user of your app is first redirect to facebook app or site to do the login, then it invokes the url you did define and, if properly configured, it will be redirected to your app again.
You can specify the callback url from developers section on facebook, then you have to support it in the your app plist.