Connect Apps to Facebook
The Facebook social connection allows users to log in to your application using their Facebook profile.
By default, Auth0 automatically syncs user profile data with each user login, thereby ensuring that changes made in the connection source are automatically updated in Auth0. Optionally, you can disable user profile data synchronization to allow for updating profile attributes from your application.
Prerequisites
Before you begin, sign up for a Facebook Developer account.
Steps
To connect your app to Facebook, you will:
Set up app in Facebook
Create an app in the Facebook Developer portal, and add Facebook Login to the app as a Product. During this process, Facebook will generate an App ID and App Secret for your application; make note of these.
While setting up your app, use the following settings:
Field | Value to Provide |
---|---|
How are you using your app? | Select For everything else. |
Permissions and Features | Select the permissions your app will require. Only the default and email permissions do not require app review by Facebook. |
While setting up the Facebook Login product, use the following settings:
Field | Value to Provide |
---|---|
Client OAuth Settings | Enable Web OAuth Login (web applications) or Client OAuth Login (native applications), depending on your app type. |
Valid OAuth Redirect URIs | https://YOUR_DOMAIN/login/callback |
Deauthorize Callback URL | Enter the URL you would like Facebook to call when a user does not consent to your app. |
Find your Auth0 domain name
If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, your regional subdomain (unless your tenant is in the US region and was created before June 2020), plus .auth0.com. For example, if your tenant name were exampleco-enterprises, your Auth0 domain name would be exampleco-enterprises.us.auth0.com and your redirect URI would be https://exampleco-enterprises.us.auth0.com/login/callback. (If your tenant is in the US and was created before June 2020, then your domain name would be https://exampleco-enterprises.auth0.com.)
If you are using custom domains, your redirect URI will have the following format: https://<YOUR CUSTOM DOMAIN>/login/callback.
Create and enable connection in Auth0
Set up the Facebook social connection in Auth0. Make sure you have the generated App ID and the App Secret.
Besides the standard social connection settings, the Facebook social connection configuration includes the following:
Setting | Description |
---|---|
User Data | Attributes of the Facebook user profile. |
Test connection
You're ready to test your connection. After logging in, you'll be prompted to allow your app access. To do so, click Install unlisted app.
Access Facebook's API
Once a user successfully authenticates, Facebook will include an Access Token in the user profile it returns to Auth0. You can use this token to call Facebook's API.
To get the Facebook Access Token, you must retrieve the user's full profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.
Using the token, you can call Facebook's API following Facebook's documentation.
Optional: Get a Refresh Token from Facebook to refresh your Access Token once it expires. To ensure your application is secure, pay close attention to the restrictions on using Refresh Tokens.
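The extraction step described above, written out as an added example (not code from Auth0 or Facebook). The sample profile is constructed with placeholder values, and the names extract_idp_access_token, IdpTokenError and redact are assumptions made for illustration; the identities array and its access_token field follow the Management API user profile format.

```python
import json

# Constructed sample of the user profile the Management API returns for one
# user (placeholder values only; the token string is not a real credential).
SAMPLE_PROFILE = json.loads("""
{
  "user_id": "facebook|1000000000000001",
  "identities": [
    {"provider": "auth0", "user_id": "5f0000000000000000000001",
     "connection": "Username-Password-Authentication", "isSocial": false},
    {"provider": "facebook", "user_id": "1000000000000001",
     "connection": "facebook", "isSocial": true,
     "access_token": "EXAMPLE_FACEBOOK_TOKEN_NOT_REAL"}
  ]
}
""")

class IdpTokenError(Exception):
    """The profile carries no usable access token for the provider."""

def extract_idp_access_token(profile, provider="facebook"):
    """Return the provider's access token from a full user profile."""
    identities = profile.get("identities")
    if not isinstance(identities, list):
        raise IdpTokenError("profile has no identities array")
    # A user with linked accounts has several identities; match on provider.
    matches = [i for i in identities
               if isinstance(i, dict) and i.get("provider") == provider]
    if not matches:
        raise IdpTokenError(f"user has no {provider} identity")
    for identity in matches:
        token = identity.get("access_token")
        if isinstance(token, str) and token:
            return token
    # Identity present but token absent: commonly the Management API token
    # used for the lookup lacked the read:user_idp_tokens scope.
    raise IdpTokenError(f"{provider} identity has no access_token")

def redact(token, keep=4):
    """Shorten a token for log lines so the full value is never written."""
    if len(token) <= keep * 2:
        return "***"
    return f"{token[:keep]}...({len(token)} chars)"

if __name__ == "__main__":
    fb_token = extract_idp_access_token(SAMPLE_PROFILE)
    print("Facebook token:", redact(fb_token))
```

Run the lookup on your backend only, and pass the token through redact before it reaches any log or error message.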
Facebook lets you select the minimum version of the Facebook API that is available to the application. This can be changed in the 'Settings/Advanced' section of your application in the Facebook developer portal.
Auth0 has been tested with version 3.2. We recommend setting that as the minimum version, but it could work with newer versions.
Facebook re-authentication
Once users authenticate, they will be prompted to accept the permissions your app has requested. Once they authenticate and accept, they will not be expected to re-authenticate unless you force them to. To learn how to force re-authentication, see Facebook's Re-Authentication documentation.