Configuring Facebook login for Discourse


(Jeff Atwood) #1

Go to developers.facebook.com/apps and …

  • “Create a New App”.

  • Provide a name for the app, for example “Discourse Login”.

  • Click “Create App ID”.

  • Click “+ Add Product” on the left.

  • Click “Set Up” below Facebook Login.

    image

  • Exit Quickstart by clicking “Settings” on the left

    image

  • When asked for “Valid OAuth redirect URI”, enter https://discourse.example.com/auth/facebook/callback – obviously, replacing the domain with your site’s actual domain name and matching the correct protocol, http or https.

Once completed, a successful setup should look like this in Products / Facebook Login / Settings:

Navigate to Settings / Basic:

  • Click “:heavy_plus_sign: Add Platform”

  • Enter your Discourse URL here, for example https://meta.discourse.org

  • Enter your Discourse URL in the “App Domains” field.

  • Enter the URL for your Discourse site privacy policy and Terms of Service in the appropriate fields.

In Discourse site settings, enter your Facebook app’s App ID and App Secret in the facebook app id and facebook app secret fields. You’ll also want to check off Enable Facebook authentication, requires facebook_app_id and facebook_app_secret

Finally, don’t forget to go to App Review and make your app public! The category you select does not matter.

That’s it! Facebook login should work now. Be sure to test it from a “normal” Facebook account, not your developer account.

:bell: As of Discourse 1.7, you can also set the optional setting facebook_request_extra_profile_details.

This site setting will request bio, website url and location from Facebook. If you enable this setting your integration app will have to be approved by Facebook, when you first login you will see a link to authorization instructions by facebook.


Guidance on creating a Facebook Single-Sign-On
FB LOGIN to discourse
Facebook sign up form doesn't validate email address
Why showing blank email box during Facebook sign up?
Moving over Facebook Group (not an import question)
User should be able to login without verification
[Paid] Discourse configuration changes
FB LOGIN to discourse
Facebook new oauth policy
Use SSL OAuth Redirect URLs
Facebook/google and also twitter login error
Login with Social Media accounts
Configure oauth callback urls
(Jakub Ryška) #8

I can see, that the login with facebook creates a popup during the login. Is there a way, how to configure it so it doesn’t create the popup but maybe a redirect instead of it? The popups may be blocked by the user browser.


(lid) #9

It will be interesting to see if the facebook library. Will detect a popup blocker and make the redirect instead.

@coubeatczech can you test it by setting your browser to block popup on your test site


(Jakub Ryška) #10

Yes, if I add popup blocker to my browser, it then immediatelly kills the popup and the login will fail.


(Jeff Atwood) #27

Yes, you’ll see this alert but only if you log in using the Facebook credentials of the person who registered this Facebook application:

We can’t see any other consequence of this; the local login works fine.


(Marco) #29

I get an error: “This account is not authorized to manage apps. Please use your verified personal Facebook account to create and manage your apps.”

I have a “company” account con FaceBook.


(Ryan Bolger) #30

I noticed this as well. I was checking the Facebook developer’s guide on default permissions and they basically state that your site must support the condition that users will now allow their email address to be shared. It’s also the case that users can have a facebook account that doesn’t have an email address associated with it (because they signed up with a phone number).

So on the Discourse side, this needs to be handled more gracefully either by allowing a manually entered address or simply telling the user that they must go back and re-authorize the email address permission.

@Grimbly In order to go back and reset the permissions you gave to the site, you need to login to Facebook and go to Settings - Apps. From there, delete the entry for your Discourse related app.


(blaumeer) #31

Have you solved the issue @vulkanino? You need a verified personal Facebook account meaning a personal account tied to a telephone number or other verification method, then use this account to login as developer and cretae a new app.


(Marco) #32

I forgot about it actually!
I didn’t want to create another FaceBook account but it looks like this is the only way to go.
Thanks…


(Fábio Machado De Oliveira) #33

My discourse is asking for user e-mail when I register with facebook login, then it asks for e-mail confirmation. What I did wrong? This doesn’t happen here in meta.discourse.org.


(Kane York) #34

That happens if Facebook isn’t reporting that your email has been verified.

edit: Yep, here’s your login list here on Meta:


Why E-Mail is empty when you signup/login with Facebook?
(John Ellis) #55

Nevermind! Our facebook app page was setup as a desktop app, rather than a web app. I made some changes and it’s working now.


(Joshua Rosenfeld) #65

Some minor UI changes by Facebook, but the overall instructions were correct. I’ve updated the guide.