Connect Apps to Facebook
You can add functionality to your web app that allows your users to log in with Facebook.
Before you connect your Auth0 app to Facebook, you must have a Facebook Developer account. Follow the instructions in Facebook App Development docs. You must get an access token that allows you to access the Facebook API.
To connect your app to Facebook, you will:
Set up your app in Facebook
- Log in to the Facebook Developer portal.
- Follow steps for App Development to register your app.
- Add Facebook Login to your app in the App Dashboard. When asked to select a scenario, choose Facebook Login.
- On the Facebook Login > Settings page, under Valid Oauth Redirect URIs, enter your callback URL:
You can also set a Deauthorize Callback URL that will be called when a user deauthorizes your app.
Find your Auth0 domain name for redirects
If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, plus
.auth0.com. For example, if your tenant name were
exampleco-enterprises, your Auth0 domain name would be
exampleco-enterprises.auth0.com and your redirect URI would be
If you are using custom domains, your redirect URI will have the following format:
https://<YOUR CUSTOM DOMAIN>/login/callback.
Once you are done you should have two pieces of information: the Client ID and Client Secret for your app.
Create and enable a connection in Auth0
Set up the Facebook social connection in Auth0. Make sure you have the API key and the API secret key generated.
Test the connection
You're ready to test your connection. After logging in, you'll be prompted to allow your app access. To do so, click Install unlisted app.
Access Facebook's API
Once a user successfully authenticates, Facebook will include an Access Token in the user profile it returns to Auth0. You can use this token to call Facebook's API.
To get the Facebook Access Token, you must retrieve the full user's profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.
Using the token, you can call Facebook's API following Facebook's documentation.
Facebook lets you select the minimum version of the Facebook API that is available to the application. This can be changed in the in the 'Settings/Advanced' section of your application in the Facebook developer portal.
Auth0 has been tested with version 3.2. We recommend setting that as the minimum version, but it could work with newer versions.
Once users authenticate, they will be prompted to accept the permissions your app has requested. Once they authenticate and accept, they will not be expected to re-authenticate unless you force them to. To learn how to force re-authentication, see Facebook's Re-Authentication docs.
Context Facebook field deprecation
As of 30 July 2019, Facebook connections that request the
context field fail, so Auth0 does not request it for all connections.
If you are not using the ‘context’ field in the Facebook profile returned by Auth0 in your application, then your application will keep working without changes. Otherwise, you will need to adjust your application code so it does not rely on it.
If you want to make sure your application is not affected we recommend you make sure that the ‘Social context’ field is unchecked in the Facebook connection properties.