Configuring Facebook login for Discourse

(RBoy) #76

Maybe @codinghorror can confirm

(Jeff Atwood) #77

We don’t use any of those fields, never have, so I don’t know why it would matter. As @scombs said.

(Steven) #78

I have the same message, then I got curious and created a new app, but now you can only use API version 3.0 which seems to be not compatible with Discourse v2.0.0.beta10 +5 like here

(Jeff Atwood) #79

I believe it is compatible but you have to erase all the old FB tokens, @jomaxro can clarify.

(Joshua Rosenfeld) #80

Correct, the commands shared by @sam in How To Fix / Remove All Facebook Logins For Updated AppID are neccessary after updating/changing the FB app. I’ll edit the commands into the guide above tomorrow.

(RBoy) #81

@codinghorror , would like clarify a few things here:

  1. If we don’t change the Facebook app and continue to use the existing app, FB will revoke the permissions I mentioned above and as I understand that information is not used by Discourse. So will things continue to function after they revoke access or do we need to create a new Facebook app?
  2. If one follows the instructions in the link posted by @jomaxro and nuke all the existing FB user information, does that mean existing users will need to sign up again? Will there be any impact to existing users?
  3. From a Facebook/Social media perspective we need to disclose what information is collected about the users (GDPR). So what fields are used by the Facebook integration?
1 Like
(Joshua Rosenfeld) #82

Everything will continue to function. Discourse never used the extra information that it was apparently receiving, so not receiving it won’t change anything.

No, users won’t see a difference, they’ll continue to sign in as usual. We link accounts via email, so as long as they haven’t changed their FB email, nothing changes.

Full name, email, and profile picture (avatar).

(Arnon Axelrod) #84

I can’t find “Create or Add a New App” on Is the site changed, or maybe I have to first create a developer account?
I clicked the “Get Started” link in to the top menu, but after filling in the App Name and Contact email and clicking Next, the “Next” button becomes disables and nothing else happen.

(Daniela) #85

You should login with your facebook credentials, after that you will see a popup for create a new dev account. There is a wizard to follow

(Daniela) #86

Guide updated with the new initial steps, I also added a note about the GDPR (step 5)


I got this error message when I try to connect with my facebook account:

Insecure Login Blocked: You can’t get an access token or log in to this app from an insecure page. Try re-loading the page as https://

Is it because I have to use httpS for my discourse forum? I’m currently using a http address

(Jeff Atwood) #88

Yes, that is the reason.


Ok thanks.

I think this sentence is misleading then

obviously, replacing the domain with your site’s actual domain name and matching the correct protocol, http or https

When I read it I understood that htttp was compatible with facebook login

(Jeff Atwood) #90

Sure that may have been true in 2014. We will update the docs!

1 Like

I needed one step more, described in How to add Sign Up with Facebook (OAuth) Option to Forum - Detailed Verified Steps • Crunchify as Step 3

(Daniela) #95

The only difference that I can see is that they have enabled also Login from devices.

Client OAuth Login and Web OAuth Login are already enabled by default.

Are you referring to this?


sry, my fault @Dax

(Peter N Lewis) #97

I’m thinking of turning off support for facebook authentication - is there any way to see how many people are using it and how often?

(Sam Saffron) #98

@rishabhn is there a data explorer query that at least breaks down to the number of users per login method.

(Rishabh Nambiar) #100

Here’s a query that that breaks down login methods used by active users: What cool data explorer queries have you come up with?