facebook-oauth

How do I/Can I create a Facebook app for my company without using my personal Facebook account? [closed]

允我心安 提交于 2021-02-18 03:46:43
问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 4 years ago . Improve this question My question is similar to this, but I'm writing from a developer's perspective rather than the company's. I prefer to keep my personal and professional lives separate, and thus would like to be able to create Facebook apps not tied to my personal FB account. Per

How do I/Can I create a Facebook app for my company without using my personal Facebook account? [closed]

血红的双手。 提交于 2021-02-18 03:46:05
问题 Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 4 years ago . Improve this question My question is similar to this, but I'm writing from a developer's perspective rather than the company's. I prefer to keep my personal and professional lives separate, and thus would like to be able to create Facebook apps not tied to my personal FB account. Per

Sign in/Sign up with Facebook - test users

岁酱吖の 提交于 2021-02-10 05:54:07
问题 I am fairly new to facebook integration. I got to add "Sign up/in with Facebook" option to register new users with my web site. I am following these steps: Server-Side Authentication 1) Which account do I use to test this? Will my personal account be suspended or banned if I use it to play with the api? 2) To test the api, do I have to create test users like this? test users 3) Also, to create test users, looks like I need to authenticate as App Can someone explain why I should authenticate

Facebook OAuth security using passport-facebook

强颜欢笑 提交于 2021-02-06 09:31:58
问题 I am currently using a client-side React component to have a user login to Facebook via OAuth in my application. On the server-side, I use the npm package passport-facebook-token to validate the authenticity of the accessToken after a successful client-side login. One practice I do not see often is in addition to asking Facebook if the accessToken is valid, shouldn't the server also check if the email provided by the client's payload matches the e-mail coming back from Facebook? Allow me to

Facebook OAuth security using passport-facebook

守給你的承諾、 提交于 2021-02-06 09:31:14
问题 I am currently using a client-side React component to have a user login to Facebook via OAuth in my application. On the server-side, I use the npm package passport-facebook-token to validate the authenticity of the accessToken after a successful client-side login. One practice I do not see often is in addition to asking Facebook if the accessToken is valid, shouldn't the server also check if the email provided by the client's payload matches the e-mail coming back from Facebook? Allow me to

Facebook: Refreshing long-lived access token automatically

筅森魡賤 提交于 2020-12-30 06:32:51
问题 I'm storing long-lived access tokens for users of my application that have associated their Facebook accounts to it. Since the demise of the offline_access tokens, these long-lived tokens have an expiry date of "about 60 days." However, they can refresh themselves when the user interacts with Facebook. According to the documentation: These tokens will be refreshed once per day when the person using your app makes a request to Facebook's servers. If no requests are made, the token will expire

Facebook: Refreshing long-lived access token automatically

女生的网名这么多〃 提交于 2020-12-30 06:30:54
问题 I'm storing long-lived access tokens for users of my application that have associated their Facebook accounts to it. Since the demise of the offline_access tokens, these long-lived tokens have an expiry date of "about 60 days." However, they can refresh themselves when the user interacts with Facebook. According to the documentation: These tokens will be refreshed once per day when the person using your app makes a request to Facebook's servers. If no requests are made, the token will expire

OAuth 2.0 - does the client-secret has to be “secret”?

主宰稳场 提交于 2020-05-26 05:13:29
问题 I'm just curious - do I need to keep the client_secret from Google/FaceBook/another OAuth 2.0 providers in a 'secret' place? As far as I can see, there're very little things that could be done with client-secret parameter, as soon as I specify very restrictive callback-urls. So is it safe, for instance, to commit 'secret' keys to github/bitbucket/etc as a public repository for some live web-project? As far as I know, client-secret has nothing in common with the developer account on google

OAuth 2.0 - does the client-secret has to be “secret”?

拜拜、爱过 提交于 2020-05-26 05:13:11
问题 I'm just curious - do I need to keep the client_secret from Google/FaceBook/another OAuth 2.0 providers in a 'secret' place? As far as I can see, there're very little things that could be done with client-secret parameter, as soon as I specify very restrictive callback-urls. So is it safe, for instance, to commit 'secret' keys to github/bitbucket/etc as a public repository for some live web-project? As far as I know, client-secret has nothing in common with the developer account on google