I have created a facebook developer account but i am able to login through my account that i habve created on facebook if i login with other user i'm not able to login. Is there any settings in facebook developer console.
Any solution please
Related
I have developed an app that is using Auth APIs of Facebook and Gmail. as you know we don't need any email password to login just click on facebook or gmail button and auth API generates authentication token to login into app.
So I am submitting that app on playstore but they are rejecting and asking for login credentials. I have provided them my gmail account login credentials but they using those credentials to login into facebook account and rejected my app again.
what I should do to avoid rejection again?
If I am currently on my computer logged in via gmail and then login via your application, your app makes the connection between my gmail account and the account of your website.
If I logout, only my session on your website is destroyed and I am logged out from your website. This has no impact on my logged in status on gmail. If I visit the gmail website now, I will still be logged in via my gmail account. Therefore, if I again visit your website and login via gmail, I will be logged in with my associated account.
So if another person wants to login, I first have to go to gmail and logout. The other person has to login on gmail and can then login on your website with his gmail credentials.
How to solve this ? So that logout works for both gmail and my site.
Trying to get my head around the Identityerver4 setup for my project. I have a mobile app where users should be able to login with either facebook or username/password. Facebook login is implemented using the native facebook if available on the device. This results in a token from facebook. With this token I want to request an access_token and refreshtoken (hybrid flow) to access my api (resource). At the same time, some users will also log in unsing username and password.
As I need some info about the user, my plan is to user ASPNET Identity but I'm not sure how to make it wotk together with IdentityServer and If user profiles should be created in Identity based on both logins (registration). It seems obvious for the username/password login, but what about my social facebook login. Later there might also be a web client. So my basic question is how to handle the user registration with both setups
I have a code which helps me to successfully authorize my application by pinterest.
My application gets listed in my pinterest app settings, but each time I login, pinterest asks me to authorize the app.
Is there a way to avoid it ? Can I check if my app is authorized by the user and skip this procedure every time I try to login with pinterest?
I use Oauth 2.0 for authentication.
I am looking forward to integrate logging in users using Facebook's authentication. I have my app protected by OpenAM and the users are already registered there. I have my own login page and would not like to move this to OpenAM and retain it in my app. As of now, I am using REST calls to authenticate users in OpenAM. Now, I want to integrate login using Facebook. My idea of implementation is as following:
User logs in using original credentials and is authenticated in
OpenAM.
User is asked to associate his/her Facebook account with the
OpenAM account.
User authenticates his/her Facebook account
(https://www.facebook.com/dialog/oauth?app_id={app-id-as-created-in-fb-developers-console}&redirect_uri={my-rest-service}).
This will return the code and that can be used to recheck against
Facebook to ensure that the user was authenticated against my app
and this is not a hacker intervention
(http://graph.facebook.com/debug_token?%20input_token={code-returned-from-facebook}&access_token={my-app's-access-token}.
The response will contain the app ID that can be verified against my
App's ID. On success, I shall call OpenAM to associate the user in
OpenAM with his/her Facebook credentials (Not sure what all to use
here.)
Next, whenever the user wants to login, he/she can use Facebook
login where in the redirect URL would be my REST service and the
code returned from Facebook can be rechecked from Facebook and then
OpenAM will be called to authenticate.
My queries:
I am not sure if this approach is feasible.
How do I pair an existing user in OpenAM with the Facebook account?
How do I authenticate the user in OpenAM after Facebook login, with
the userID?
Is the Facebook userID (numeric,returned from Facebook graph in JSON
response), unique and permanent?
I would also want to give the users an option to de-associate the
existing Facebook account and associate a new one-how do I do this?
Apologies for asking too many questions, but I am new to OpenAM and OAuth and keen on following the approach I have mentioned above.
Thank you.
As an aside, it will probably be much easier in the future if you delegate all of the login to OpenAM, and let it deal with local login and social. This will make it really easy to add more social providers.
If you want to keep your current architecture, you can create a new authentication chain in OpenAM that just has social (facebook) login. You should be able to redirect the user to that chain. Once the social login process is complete, you can have OpenAM redirect back to your application page.
To link local and social login you are going to have to offer some kind of account claiming in your application. After they do a social login you could ask them to link their local account by providing the username and password. You can call OpenAM's REST API to validate the credentials.
This kind of linking can be confusing for users - so sometimes it is better to treat them as separate accounts, or have a migration process for the user to migrate to social only.