• Home

  • Documents

  • Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview
13
Authenticat ion Simon Cross Partner Engineer facebook.com/sicross An Overview

Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Tags:

Embed Size (px)

Citation preview

Page 1: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Authentication

Simon CrossPartner Engineer

facebook.com/sicross

An Overview

mailto:[email protected]
Page 2: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Facebook Platform

Graph API User, App, Page, Credits, Places, Ads

StandardsHTTP, HTML5, JSON, OAuth, Open Graph

Websites Mobile Apps on Faceboo

kSocial Plugins Dialogs

Page 3: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

•Permissions

•Auth Dialogs

•Server-side Auth

•Client-side Auth

•SDKs

•Mobile SSO

“It’s All About The Access Token”

Page 4: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

IDName

FriendsPictureGender

Username

Locale

Permissions

Default, BasicUser data

Page 5: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

{ data: [ ]}

PermissionsWithout Permissions, if you query the API for anything more than the basic user data, you’ll get:

Page 6: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

PermissionsAsk for the permissions you NEED - but not more

~60Permissions

user_likesuser_birthdayuser_eventsuser_photosuser_checkinsemail...

friends_likesfriends_birthdayfriends_eventsfriends_photosfriends_checkins...

publish_streampublish_checkinscreate_eventmanage_pagesoffline_access...

Full list at developers.facebook.com/docs/authentication/permissions

Page 7: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Permissions

•The more permissions you request,the lower your conversion ratio ~3% reduction in conversion for each additional permission

•But some permissions have a bigger effect than others: email, user_birthday, stream_publish, offline_access etc

•Ask for only the permissions you actually need

•You can always ask for more later

Tips

Page 8: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Server Side Auth Flow

User’s Browser

Your App Facebook

GET Your app’s frontpageRedirect

GET OAuth Dialog

User’s Browser Your App Facebook

302 Redirect

GET Your app’s callback URLGET /oauth/authorize

Access Token

GET /me?access_token=...

API ResponseRender user data in page

Page 9: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Server Side Auth FlowGET https://www.facebook.com/dialogs/oauth? client_id=YOUR_APP_ID& redirect_url=http://yourapp.com/callback& display=page|popup& scope=perm_one,perm_twodisplay=popup display=pag

e

http://yourapp.com/
Page 10: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Client Side Auth Flow

User’s Browser

Your App Facebook

GET Your app’s frontpage

GET OAuth Dialog

User’s Browser Your App Facebook

302 Redirect including Access Token in URL fragment

GET /me?access_tokenAPI Response, render user data in page

GET /me?access_token=...

API ResponseRender user data in page

User clicks a call-to-action to login

GET /ajax_api.php?access_token=...

Page 11: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Client Side Auth FlowGET https://www.facebook.com/dialogs/oauth? client_id=YOUR_APP_ID& redirect_url=http://yourapp.com/callback& display=page|popup& response_type=token& scope=perm_one,perm_two

http://yourapp.com/callback#access_token=166942940015970%7C2.sa0&expires_in=64090

Response is a 302 redirect to:

http://yourapp.com/callback&
http://yourapp.com/callback&
Page 12: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Javascript SDK

Page 13: Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview

Mobile SDKs


20th May 2017 facebook.com

20th May 2017 facebook.com

Documents
Organic and Halal food authentication - ACTIOMAisofood.eu/wp-content/uploads/2017/02/07_Simon-Kelly.pdf · Organic and Halal food authentication Simon Kelly1, Aiman 1Abrahim1, Zora

Organic and Halal food authentication - ACTIOMAisofood.eu/wp-content/uploads/2017/02/07_Simon-Kelly.pdf · Organic and Halal food authentication Simon Kelly1, Aiman 1Abrahim1, Zora

Documents
ourwaterway.com.au facebook.com/ourwaterway

ourwaterway.com.au facebook.com/ourwaterway

Documents
Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual

Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual

Documents
New Doc 3fb.com/Book.juice Facebook.com/groups/Book.juice Facebook.com/groups/Book.juice 1_1_._' follow me : facebook.com/OmaR1.Bs

New Doc 3fb.com/Book.juice Facebook.com/groups/Book.juice Facebook.com/groups/Book.juice 1_1_._' follow me : facebook.com/OmaR1.Bs

Documents
deccanchronicle.com, facebook.com/deccannews, twitter.com

deccanchronicle.com, facebook.com/deccannews, twitter.com

Documents
1 HRPD Roamer Authentication Zhibi Wang, Sarvar Patel, Simon Mizikovsky, Nancy Lee

1 HRPD Roamer Authentication Zhibi Wang, Sarvar Patel, Simon Mizikovsky, Nancy Lee

Documents
Authentication. TOPICS Objectives Legacy Authentication Protocols IEEE 802.1X Authentication Extensible Authentication Protocol (EAP) Authentication Servers

Authentication. TOPICS Objectives Legacy Authentication Protocols IEEE 802.1X Authentication Extensible Authentication Protocol (EAP) Authentication Servers

Documents
PPT Presentation on Facebook.com

PPT Presentation on Facebook.com

Social Media
| facebook.com/visitmobile | blog.mobilebay · | facebook.com/visitmobile | blog.mobilebay.org 1 Arthur R. Outlaw Mobile Convention Center 2 The Battle House Renaissance

| facebook.com/visitmobile | blog.mobilebay · | facebook.com/visitmobile | blog.mobilebay.org 1 Arthur R. Outlaw Mobile Convention Center 2 The Battle House Renaissance

Documents
N Bob Myhan, Evangelist Forest Hills Church Of Christ 478.476.4768 myhan@cox.net Facebook.com/donahuemyhan Facebook.com/answeringreligiouserror A

N Bob Myhan, Evangelist Forest Hills Church Of Christ 478.476.4768 [email protected] Facebook.com/donahuemyhan Facebook.com/answeringreligiouserror A

Documents
facebook.com/ostazmohammad.mishal 0785239411

facebook.com/ostazmohammad.mishal 0785239411

Documents
facebook.com/StKildaBrass

facebook.com/StKildaBrass

Documents
 · Please send a CV and cover letter to Rosie Leverton at rleverton@tommys.org. facebook.com/havingahealthypregnancy or facebook.com/tommysthebabycharity

 · Please send a CV and cover letter to Rosie Leverton at [email protected]. facebook.com/havingahealthypregnancy or facebook.com/tommysthebabycharity

Documents
thrivetoday@markjewelltraining.com || facebook.com ... · thrivetoday@markjewelltraining.com || facebook.com/markjewelltraining Most Leaders Assume… •…employees always want

[email protected] || facebook.com ... · [email protected] || facebook.com/markjewelltraining Most Leaders Assume… •…employees always want

Documents
The Graph API Simon Cross Partner Engineer facebook.com/sicross An Overview

The Graph API Simon Cross Partner Engineer facebook.com/sicross An Overview

Documents
facebook.com/Krampelli...facebook.com/Krampelli OFFICIAL PRESS KIT WWW .facebook.com/Krampelli WWW .twitter.com/KrampelliDJ WWW .soundcloud.com/krampelli WWW .instagram.com/krampellidj

facebook.com/Krampelli...facebook.com/Krampelli OFFICIAL PRESS KIT WWW .facebook.com/Krampelli WWW .twitter.com/KrampelliDJ WWW .soundcloud.com/krampelli WWW .instagram.com/krampellidj

Documents
Provence by Purpuratta -> facebook.com/la.corseteria

Provence by Purpuratta -> facebook.com/la.corseteria

Lifestyle
mayerbosshardt.ch · Index - 6 - 86 - 174 PRINT116HOMENO Follow us facebook.com/karlssonclocks facebook.com/leitmotiv.products facebook.com/pt.collection pinterest.com/presenttimeHQ

mayerbosshardt.ch · Index - 6 - 86 - 174 PRINT116HOMENO Follow us facebook.com/karlssonclocks facebook.com/leitmotiv.products facebook.com/pt.collection pinterest.com/presenttimeHQ

Documents
Connect. Communicate. Collaborate AAI scenario: How AutoBAHN system will use the eduGAIN federation for Authentication and Authorization Simon Muyal, simon@renater.fr

Connect. Communicate. Collaborate AAI scenario: How AutoBAHN system will use the eduGAIN federation for Authentication and Authorization Simon Muyal, [email protected]

Documents
Stay In Touch facebook.com/iempact Facebook.com/arelmoodie @iempact @arelmoodie

Stay In Touch facebook.com/iempact Facebook.com/arelmoodie @iempact @arelmoodie

Documents
valchromat.pt | facebook.com/Valchromat info@investwood

valchromat.pt | facebook.com/Valchromat info@investwood

Documents
ونشتاق للحب والبوح أحياناًfacebook.com/the.Boooks. facebook.com/the.Boooks. facebook.com/the.Boooks

ونشتاق للحب والبوح أحياناًfacebook.com/the.Boooks. facebook.com/the.Boooks. facebook.com/the.Boooks

Documents
Fernando Paiva facebook.com/fernandopai. facebook.com/pen51limeira

Fernando Paiva facebook.com/fernandopai. facebook.com/pen51limeira

Documents
Contact Information Marc-Andre DelalayEmail: delalaym@gmail.com Facebook: facebook.com/marcandre.delalay facebook.com/marcandre.delalay

Contact Information Marc-Andre DelalayEmail: [email protected] Facebook: facebook.com/marcandre.delalay facebook.com/marcandre.delalay

Documents
Albertkalim@uky.edu albertkalim@facebook.com albertkalim@uky.edu albertkalim@facebook.com 859-257-5433 Technology Presentation

[email protected] [email protected] [email protected] [email protected] 859-257-5433 Technology Presentation

Documents
Web Search - OPPT in Facebook.com

Web Search - OPPT in Facebook.com

Documents
Facebook.com/wexgaa @OfficialWexGAA

Facebook.com/wexgaa @OfficialWexGAA

Documents
@harvardsocal facebook.com/groups ... - Harvard University

@harvardsocal facebook.com/groups ... - Harvard University

Documents
Footnote facebook.com/scienceatdit

Footnote facebook.com/scienceatdit

Documents