
Support
This integration is supported by Auth0. Learn more
A fast and convenient way for users to log into your app with Facebook
Facebook Login is a fast and convenient way for over 2.5 billion people to create accounts and log into your app across multiple platforms. It's available on iOS, Android, Web, desktop apps and devices such as Smart TVs, and "Internet of Things" objects. Facebook Login enables two scenarios, authentication and asking for permissions to access people's data. You can use Facebook Login simply for authentication or for both authentication and data access.
Support
This integration is supported by Auth0. Learn more

Real Identity
When people choose to login with Facebook, they can share their real identity through their public profile. Public Profile includes a person's real name and a profile picture. Apps based on real identity often have less spam and foster higher quality conversations.

Gradual Authorization
Easy gradual authorization so you don't have to request all the information you want up front, you can do it over time. As their experience with your app deepens, you can request additional information to further enhance their experience.

Personal Control
Great experiences start by giving people control. With Facebook Login, people can choose which information they share with your app. They can still get the benefits of logging in with Facebook even if they feel uncomfortable granting access to certain information.
The Facebook social connection allows users to log in to your application using their Facebook profile.
By default, Auth0 automatically syncs user profile data with each user login, thereby ensuring that changes made in the connection source are automatically updated in Auth0. Optionally, you can disable user profile data synchronization to allow for updating profile attributes from your application.
Prerequisites
Before you begin, sign up for a Facebook Developer account.
Set up app in Facebook
Create an app in the Facebook Developer portal, and add Facebook Login to the app as a Product. During this process, Facebook will generate a App ID and App Secret for your application; make note of these.
While setting up your app, use the following settings:
Field | Value to Provide |
---|---|
How are you using your app? | Select For everything else. |
Permissions and Features | Select the permissions your app will require. Only the default and email permissions do not require app review by Facebook. |
While setting up the Facebook Login product, use the following settings:
Field | Value to Provide |
---|---|
Client OAuth Settings | Enable Web OAuth Login (web applications) or Client OAuth Login (native applications), depending on your app type. |
Valid OAuth Redirect URIs | https://YOUR_DOMAIN/login/callback |
Deauthorize Callback URL | Enter the URL you would like Facebook to call when a user does not consent to your app. |
Find your Auth0 domain name
If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, your regional subdomain (unless your tenant is in the US region and was created before June 2020), plus.auth0.com
. For example, if your tenant name were exampleco-enterprises
, your Auth0 domain name would be exampleco-enterprises.us.auth0.com
and your redirect URI would be https://exampleco-enterprises.us.auth0.com/login/callback
. (If your tenant is in the US and was created before June 2020, then your domain name would be https://exampleco-enterprises.auth0.com
.)
If you are using custom domains, your redirect URI will have the following format: https://<YOUR CUSTOM DOMAIN>/login/callback
.
Test connection
You're ready to test your connection. After logging in, you'll be prompted to allow your app access. To do so, click Install unlisted app.
Access Facebook's API
Once a user successfully authenticates, Facebook will include an Access Token in the user profile it returns to Auth0. You can use this token to call Facebook's API.
To get the Facebook Access Token, you must retrieve the full user's profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.
Using the token, you can call Facebook's API following Facebook's documentation.
Optional: Get a Refresh Token from Facebook to refresh your Access Token once it expires. To ensure your application is secure, pay close attention to the restrictions on using Refresh Tokens.
Facebook lets you select the minimum version of the Facebook API that is available to the application. This can be changed in the in the 'Settings/Advanced' section of your application in the Facebook developer portal.
Auth0 has been tested with version 3.2. We recommend setting that as the minimum version, but it could work with newer versions.
Facebook re-authentication
Once users authenticate, they will be prompted to accept the permissions your app has requested. Once they authenticate and accept, they will not be expected to re-authenticate unless you force them to. To learn how to force re-authentication, see Facebook's Re-Authentication documentation.
Support
This integration is supported by Auth0. Learn more