Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview.

Similar presentations


Presentation on theme: "Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview."— Presentation transcript:

1 Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

2 Facebook Platform Graph API User, App, Page, Credits, Places, Ads Standards HTTP, HTML5, JSON, OAuth, Open Graph WebsitesMobile Apps on Facebook Social PluginsDialogs

3 Permissions Auth Dialogs Server-side Auth Client-side Auth SDKs Mobile SSO “It’s All About The Access Token”

4 ID Name Friends Picture Gender Username Locale Permissions Default, Basic User data

5 { data: [ ] } Permissions Without Permissions, if you query the API for anything more than the basic user data, you’ll get:

6 Permissions Ask for the permissions you NEED - but not more ~60 Permissions user_likes user_birthday user_events user_photos user_checkins ... friends_likes friends_birthday friends_events friends_photos friends_checkins... publish_stream publish_checkins create_event manage_pages offline_access... Full list at developers.facebook.com/docs/authentication/permissions

7 Permissions The more permissions you request, the lower your conversion ratio ~3% reduction in conversion for each additional permission But some permissions have a bigger effect than others: , user_birthday, stream_publish, offline_access etc Ask for only the permissions you actually need You can always ask for more later Tips

8 Server Side Auth Flow User’s Browser Your AppFacebook GET Your app’s frontpage Redirect GET OAuth Dialog User’s Browser Your AppFacebook 302 Redirect GET Your app’s callback URL GET /oauth/authorize Access Token GET /me?access_token=... API Response Render user data in page

9 Server Side Auth Flow GET https://www.facebook.com/dialogs/oauth? client_id=YOUR_APP_ID& redirect_url=http://yourapp.com/callback& display=page|popup& scope=perm_one,perm_twohttp://yourapp.com display=popupdisplay=page

10 Client Side Auth Flow User’s Browser Your AppFacebook GET Your app’s frontpage GET OAuth Dialog User’s Browser Your AppFacebook 302 Redirect including Access Token in URL fragment GET /me?access_token API Response, render user data in page GET /me?access_token=... API Response Render user data in page User clicks a call-to-action to login GET /ajax_api.php?access_token=...

11 Client Side Auth Flow GET https://www.facebook.com/dialogs/oauth? client_id=YOUR_APP_ID& redirect_url=http://yourapp.com/callback& display=page|popup& response_type=token& scope=perm_one,perm_twohttp://yourapp.com/callback& Response is a 302 redirect to:

12 Javascript SDK

13 Mobile SDKs


Download ppt "Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview."

Similar presentations


Ads by Google