0

I am developing an Android application that allows users to register via Facebook or Google+. With Google+ I can retrieve the user's email address but with Facebook I need additional permission to do this.

I have a LoginButton in my layout and in the Activity code I have set it to request the email permission:

facebookLoginButton.setReadPermissions(Arrays.asList("email"));

This is fine as long as the user gives the permission. But if the user revokes that, my application doesn't work as expected. It needs the email address.

If the permission isn't granted, I call

Session.NewPermissionsRequest emailPermissionRequest = new Session.NewPermissionsRequest(this, Arrays.asList("email"));
session.requestNewReadPermissions(emailPermissionRequest);

This prompts the user to give the email permission. It can still be revoked and at the moment it just keeps asking it until it's granted.

How do I set the permission required? I'd like the user not to be able to login if the permission isn't granted. Spamming the permission dialog seems stupid.

MikkoP
  • 4,864
  • 16
  • 58
  • 106

2 Answers2

0

You need to handle the case that the person does not want to share his email address with you. That is totally valid.

If your app really relies on it, you can for instance create a native form to ask for the email again, after they decline the Facebook dialog. Or, you need to adjust your app to work without the email address.

As you mentioned, spamming with the dialog will not work (and when being reviewed will probably noticed).

Roemer
  • 3,566
  • 1
  • 16
  • 32
0

One possible idea, though I don't know if there is a precedent for it.

Create a preference in your application called, for example, "Support Email Login". When the user clicks on the Login button and permissions have not been granted, direct them to your preferences screen: "To support this feature, enable it in preferences"

Then, in your preferences screen, when the user checks the "Support Email Login" checkbox, toss up the permission request. If they decline, no permissions have been set and the box remains unchecked. If they accept, check the box and the user can go back and Log in.

This way the feature/permission is configurable by the user, and they don't get spammed with permission requests; they simply get directed to the preferences screen if they want to enable the feature.

bstar55
  • 3,542
  • 3
  • 20
  • 24
  • I think this is the best way to go. My application is about sharing invitations via email, so it's pretty crucial to have that one. But, maybe I just add a preference and add a verification system in the backend to check whether the email is valid or not. – MikkoP Jun 12 '14 at 08:50