Facebook Social Login
This section describes how to configure social authentication to Facebook from OpenIAM. Perform the steps described below.
OpenIAM must be configured to use https prior to proceeding
Create and configure the Facebook application
To use Facebook's social login feature you should:
- Register on https://developers.facebook.com.
- Create new app in https://developers.facebook.com/apps
- Select app type "Consumer"
- Add display name and app contact email
- Click on "Create App ID" and complete the security check.
The new application will be in a development state unless you configure it to go live. In Development mode, your app can only request data from users
with an app role. To request end user data, your app must have Advanced Access permissions and be set to Live mode. To go live with the app please follow instructions and documentation provided by Facebook.
OpenIAM supports both Live and Developer modes.
On your application page, click on the
Products button and select:
- Facebook Login
Webfrom select a platform
- Fill the form with site URL ( https://your_openiam_domain).
- Read Facebook provided information and complete the quick-start wizard.
- Go to tab
Settings, here you should provide
Valid OAuth Redirect URIs. This should include: https://[ your_openiam_domain ]/idp/social/facebook/callback
- Save the changes.
Note As mentioned above, new Facebook applications always launch in development mode. While the application is in development mode, only Admins can use this functionality. To go live, you should follow Facebook procedure.
Settings -> Basic of your Facebook application and ensure that you can see the
App ID and
Create an Authentication Provider
In the Webconsole use
Access Control menu -> Authentication Provider -> Create new provider.
- Select Facebook from the dropdown.
- On the Authentication provider screen copy and paste the App Id and App Secret from Facebook,
- Fill in the required fields and save it.
Update the appropriate content provider so that it has the following URL patterns:
- Authorization is set to disabled
- Authentication Rule is set to None)
- Authorization is set to disable
- Authentication Rule is set to None
- Supported HTTP Methods - POST
Each user that may want to login via Facebook should have an identity for the managed system that is selected on Auth provider page. In our example it is Facebook Managed system
To test this functionality, go to the OpenIAM login page. You will see a blue Facebook button. Click on this and Facebook will ask you to share your info with the app