Updating the Facebook app API or creating a new app will break existing logins. See troubleshooting below for a solution.
Update December 2018 – HTTPS protocol is now mandatory for all URI redirects.
Go to developers.facebook.com/apps and …
Login with the credentials of the account you want to connect to Discourse and follow the wizard.
If you already have other apps instead of
Get Startedyou will see the entry
My Apps, then just click on
Add new appand follow the guide from step 1b
1a. Select Developer
1b. Provide a name for the app, for example
Discourse Loginand click on Next.
1c. Click on Add your first product
Click Set Up below Facebook Login.
From the menu on the left, exit Quickstart by clicking on Settings under
Valid OAuth redirect URIfield, entering
https://discourse.example.com/auth/facebook/callback– obviously, replacing the domain with your site’s actual domain name and matching the HTTPS protocol. Remeber that the HTTPS protocol is now mandatory for all URI redirects. Click Save Changes.
Once completed, a successful setup should look like this in Products/Facebook Login/Settings:
Navigate to Settings/Basic, enter your Discourse URL (
https://discourse.example.com) in the
If you have a company that does business in the European Union, you may want to fill in the
Data Protection Officer Contact Informationform before clicking on Save Changes.
At the bottom of the page click on
Add Platformand select
Enter your Discourse URL here, for example
https://discourse.example.comand click Save Changes
Click on the Status button to change your app from
The category you select does not matter.
After a few seconds the button will become:
In Discourse site settings, enter your Facebook app’s App ID and App Secret in the
facebook app idand
facebook app secretfields. You’ll also want to check off
Enable Facebook authentication, requires facebook_app_id and facebook_app_secret
That’s it! Facebook login should work now. Be sure to test it from a “normal” Facebook account, not your developer account.
If the Facebook app API is updated, or the app ID/secret are change, you’ll need to remove existing associations from your site before users can log in again. To remove this data, run the following:
cd /var/discourse ./launcher enter app rails c UserAssociatedAccount.where(provider_name: "facebook").delete_all
If you are a Discourse hosting customer, contact @team and we can assist.