HTML and CSS Reference
In-Depth Information
scope
is a comma-separated list of permissions that are being requested from Facebook. There
is a full list in Facebook's developer docs, referenced earlier, but the only one used in this topic
is
email
.
3
•
state
is an arbitrary string generated to guard against cross-site request forgery. This is
technically optional, but it should be used.
•
Obtaining Authorization from the User
After the user clicks the login link generated in the previous section, she will see Facebook's authorization dialog. This
shows her what permissions were requested and gives her the option to confirm or deny that she wishes to grant these
permissions to your app.
Assuming that she approves the authorization request, Facebook will redirect her back to your app's
authorization endpoint, which was passed in the
redirect_uri
parameter of the login link. Facebook will send back a
code
and the value of
state
from the login link, which will look something like this:
■
the value of
code
will be a long string generated by Facebook that is unique to each request.
CODE_GENERATED_BY_FACEBOOK
is a placeholder.
Note
Requesting an Access Token
Armed with the value of
code
, your app can request an access token from Facebook. This is accomplished by sending the
code
, your app's credentials in
client_id
and
client_secret
, and your app's authorization endpoint in
redirect_uri
.
The URL will look something like this:
■
the value of
client_secret
is the other part of the credentials provided for your app by Facebook after it's
registered. the value
YOUR_APP_SECRET
is a placeholder and should be replaced with your app's credentials.
Note
Assuming that all the required parameters are correct and valid, Facebook will return an access token in
access_token
, along with an indication of how long the token is valid (in seconds) in
expires
.
access_token=USER_ACCESS_TOKEN&expires=NUMBER_OF_SECONDS_UNTIL_TOKEN_EXPIRES
■
the value of
access_token
is a unique value generated by Facebook. the value of
expires
will be an integer.
the current values
USER_ACCESS_TOKEN
and
NUMBER_OF_SECONDS_UNTIL_TOKEN_EXPIRES
are placeholders.
Note
3
Search WWH ::
Custom Search