eyJleHRlcm5hbF9saW5rIjoiaHR0cHM6Ly9kZXZlbG9wZXJzLmZhY2Vib29rLmNvbS9kb2NzL2ZhY2Vib29rLWxvZ2luL292ZXJ2aWV3IiwiZXh0ZXJuYWxfbGlua190ZXh0IjoiRmFjZWJvb2sgZm9yIERldmVsb3BlcnMiLCJzdXBwb3J0X2xldmVsIjoic3VwcG9ydGVkIiwibWV0YV90aXRsZSI6IkZhY2Vib29rIEludGVncmF0aW9uIHdpdGggQXV0aDAiLCJtZXRhX2Rlc2NyaXB0aW9uIjoiRmFjZWJvb2sgLSBBIGZhc3QgYW5kIGNvbnZlbmllbnQgd2F5IGZvciB1c2VycyB0byBsb2cgaW50byB5b3VyIGFwcCB3aXRoIEZhY2Vib29rIiwidmFsdWVfcHJvcHMiOlt7ImltYWdlIjoiaHR0cHM6Ly9jZG4uYXV0aDAuY29tL21hcmtldHBsYWNlL2NhdGFsb2cvY29udGVudC9hc3NldHMvc29jaWFsLWNvbm5lY3Rpb25zL2ZhY2Vib29rL21lZGlhL2ZiXzEucG5nIiwidGl0bGUiOiJSZWFsIElkZW50aXR5IiwiZGVzY3JpcHRpb24iOiJXaGVuIHBlb3BsZSBjaG9vc2UgdG8gbG9naW4gd2l0aCBGYWNlYm9vaywgdGhleSBjYW4gc2hhcmUgdGhlaXIgcmVhbCBpZGVudGl0eSB0aHJvdWdoIHRoZWlyIHB1YmxpYyBwcm9maWxlLiBQdWJsaWMgUHJvZmlsZSBpbmNsdWRlcyBhIHBlcnNvbidzIHJlYWwgbmFtZSBhbmQgYSBwcm9maWxlIHBpY3R1cmUuIEFwcHMgYmFzZWQgb24gcmVhbCBpZGVudGl0eSBvZnRlbiBoYXZlIGxlc3Mgc3BhbSBhbmQgZm9zdGVyIGhpZ2hlciBxdWFsaXR5IGNvbnZlcnNhdGlvbnMuIn0seyJpbWFnZSI6Imh0dHBzOi8vY2RuLmF1dGgwLmNvbS9tYXJrZXRwbGFjZS9jYXRhbG9nL2NvbnRlbnQvYXNzZXRzL3NvY2lhbC1jb25uZWN0aW9ucy9mYWNlYm9vay9tZWRpYS9mYl8yLnBuZyIsInRpdGxlIjoiR3JhZHVhbCBBdXRob3JpemF0aW9uIiwiZGVzY3JpcHRpb24iOiJFYXN5IGdyYWR1YWwgYXV0aG9yaXphdGlvbiBzbyB5b3UgZG9uJ3QgaGF2ZSB0byByZXF1ZXN0IGFsbCB0aGUgaW5mb3JtYXRpb24geW91IHdhbnQgdXAgZnJvbnQsIHlvdSBjYW4gZG8gaXQgb3ZlciB0aW1lLiBBcyB0aGVpciBleHBlcmllbmNlIHdpdGggeW91ciBhcHAgZGVlcGVucywgeW91IGNhbiByZXF1ZXN0IGFkZGl0aW9uYWwgaW5mb3JtYXRpb24gdG8gZnVydGhlciBlbmhhbmNlIHRoZWlyIGV4cGVyaWVuY2UuIn0seyJpbWFnZSI6Imh0dHBzOi8vY2RuLmF1dGgwLmNvbS9tYXJrZXRwbGFjZS9jYXRhbG9nL2NvbnRlbnQvYXNzZXRzL3NvY2lhbC1jb25uZWN0aW9ucy9mYWNlYm9vay9tZWRpYS9mYl8zLnBuZyIsInRpdGxlIjoiUGVyc29uYWwgQ29udHJvbCIsImRlc2NyaXB0aW9uIjoiR3JlYXQgZXhwZXJpZW5jZXMgc3RhcnQgYnkgZ2l2aW5nIHBlb3BsZSBjb250cm9sLiBXaXRoIEZhY2Vib29rIExvZ2luLCBwZW9wbGUgY2FuIGNob29zZSB3aGljaCBpbmZvcm1hdGlvbiB0aGV5IHNoYXJlIHdpdGggeW91ciBhcHAuIFRoZXkgY2FuIHN0aWxsIGdldCB0aGUgYmVuZWZpdHMgb2YgbG9nZ2luZyBpbiB3aXRoIEZhY2Vib29rIGV2ZW4gaWYgdGhleSBmZWVsIHVuY29tZm9ydGFibGUgZ3JhbnRpbmcgYWNjZXNzIHRvIGNlcnRhaW4gaW5mb3JtYXRpb24uIn1dfQ==

Facebook Login is a fast and convenient way for over 2.5 billion people to create accounts and log into your app across multiple platforms. It's available on iOS, Android, Web, desktop apps and devices such as Smart TVs, and "Internet of Things" objects.
Facebook Login enables two scenarios, authentication and asking for permissions to access people's data. You can use Facebook Login simply for authentication or for both authentication and data access.

<p>The Facebook social connection allows users to log in to your application using their Facebook profile.</p>
<p>By default, Auth0 automatically syncs user profile data with each user login, thereby ensuring that changes made in the connection source are automatically updated in Auth0. Optionally, you can <a href="https://auth0.com/docs/users/configure-connection-sync-with-auth0">disable user profile data synchronization</a> to allow for updating profile attributes from your application.</p>


<h2 id="prerequisites">Prerequisites</h2>
<p>Before you begin, <a href="https://developers.facebook.com/">sign up for a Facebook Developer account</a>.</p>


<h2 id="set-up-app-in-facebook">Set up app in Facebook</h2>
<p>Create an app in the <a href="https://developers.facebook.com/">Facebook Developer portal</a>, and add <strong>Facebook Login</strong> to the app as a <strong>Product</strong>. During this process, Facebook will generate a <strong>App ID</strong> and <strong>App Secret</strong> for your application; make note of these.</p>
<p>While setting up your app, use the following settings:</p>
<table class="table"><thead><tr><th>Field</th><th>Value to Provide</th></tr></thead><tbody><tr><td>How are you using your app?</td><td>Select <strong>For everything else</strong>.</td></tr><tr><td>Permissions and Features</td><td>Select the permissions your app will require. Only the <code>default</code> and <code>email</code> permissions do not require app review by Facebook.</td></tr></tbody></table>

<p>While setting up the Facebook Login product, use the following settings:</p>
<table class="table"><thead><tr><th>Field</th><th>Value to Provide</th></tr></thead><tbody><tr><td>Client OAuth Settings</td><td>Enable <strong>Web OAuth Login</strong> (web applications) or <strong>Client OAuth Login</strong> (native applications), depending on your app type.</td></tr><tr><td>Valid OAuth Redirect URIs</td><td><code>https://YOUR_DOMAIN/login/callback</code></td></tr><tr><td>Deauthorize Callback URL</td><td>Enter the URL you would like Facebook to call when a user does not consent to your app.</td></tr></tbody></table>

<h3 id="find-your-auth0-domain-name">Find your Auth0 domain name</h3>
<p>If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, your regional subdomain (unless your tenant is in the US region and was created before June 2020), plus<code>.auth0.com</code>. For example, if your tenant name were <code>exampleco-enterprises</code>, your Auth0 domain name would be <code>exampleco-enterprises.us.auth0.com</code> and your redirect URI would be <code>https://exampleco-enterprises.us.auth0.com/login/callback</code>. (If your tenant is in the US and was created before June 2020, then your domain name would be <code>https://exampleco-enterprises.auth0.com</code>.)</p>
<p>If you are using <a href="https://auth0.com/docs/custom-domains">custom domains</a>, your redirect URI will have the following format: <code>https://&lt;YOUR CUSTOM DOMAIN&gt;/login/callback</code>.</p>


<h2 id="test-connection">Test connection</h2>
<p>You&#39;re ready to <a href="https://auth0.com/docs/dashboard/guides/connections/test-connections-social">test your connection</a>. After logging in, you&#39;ll be prompted to allow your app access. To do so, click <strong>Install unlisted app</strong>.</p>


<h2 id="access-facebooks-api">Access Facebook&#39;s API</h2>
<p>Once a user successfully authenticates, Facebook will include an Access Token in the user profile it returns to Auth0. You can use this token to call Facebook&#39;s API.</p>
<p>To get the Facebook Access Token, you must retrieve the full user&#39;s profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see <a href="https://auth0.com/docs/connections/calling-an-external-idp-api">Call an Identity Provider&#39;s API</a>.</p>
<p>Using the token, you can call Facebook&#39;s API following Facebook&#39;s documentation.</p>
<p>Optional: Get a <a href="https://auth0.com/docs/tokens/guides/get-refresh-tokens">Refresh Token</a> from Facebook to refresh your Access Token once it expires. To ensure your application is secure, pay close attention to the <a href="https://auth0.com/docs/tokens/concepts/refresh-tokens#restrictions-and-limitations">restrictions on using Refresh Tokens</a>.</p>
<p>Facebook lets you select the minimum version of the Facebook API that is available to the application. This can be changed in the in the &#39;Settings/Advanced&#39; section of your application in the Facebook developer portal.</p>
<p>Auth0 has been tested with version 3.2. We recommend setting that as the minimum version, but it could work with newer versions.</p>


<h2 id="facebook-re-authentication">Facebook re-authentication</h2>
<p>Once users authenticate, they will be prompted to accept the permissions your app has requested. Once they authenticate and accept, they will not be expected to re-authenticate unless you force them to. To learn how to force re-authentication, see Facebook&#39;s <a href="https://developers.facebook.com/docs/facebook-login/reauthentication">Re-Authentication</a> documentation.</p>


Facebook - A fast and convenient way for users to log into your app with Facebook

Facebook Integration with Auth0

Facebook

Auth0 makes authentication and authorization easy. From SSO to MFA, passwordless to user profiling, and consumer to SaaS apps, we’ve got what you need to tackle any identity use case.

Secure access for everyone but not just anyone

A fast and convenient way for users to log into your app with Facebook

When people choose to login with Facebook, they can share their real identity through their public profile. Public Profile includes a person's real name and a profile picture. Apps based on real identity often have less spam and foster higher quality conversations.

Real Identity

Easy gradual authorization so you don't have to request all the information you want up front, you can do it over time. As their experience with your app deepens, you can request additional information to further enhance their experience.

Gradual Authorization

Great experiences start by giving people control. With Facebook Login, people can choose which information they share with your app. They can still get the benefits of logging in with Facebook even if they feel uncomfortable granting access to certain information.