I've built a Facebook application (Page Tab) using instructions found here stackoverflow.com/questions/21048882/facebook-2014-how-to-create-a-simple-page-with-an-iframe-inside.

The application is just showing some remote page (built in .NET 4.0, by the way).

I was wondering (and searching) if there is any possible way of removing the ability to install the app I built in other pages by other people. Facebook documentation is a mess, and I can't find useful information. I found here, at Stack Overflow, an old question regarding the same goal stackoverflow.com/questions/11971727/is-it-possible-to-create-a-private-application-available-only-for-specific-users. The problem is that the question is 2 years old and I think the accepted answer at that time doesn't apply today. At least I can't find where to add the restrictions.

Any kind soul that can help me?

Thx in advance, Hugo

Hugo Silva
  • There isn't. But you will get the page_id in the signed request, so you can just do whatever you want if the page_id is wrong – WizKid Mar 20 '15 at 15:46
  • I can give it a go. I'll try to do that on the server side. Could you point me to where I can find, in Facebook, the page id that is requesting the app? And for decoding the signed_request, is there any good starting point (C#)? Thx. – Hugo Silva Mar 20 '15 at 16:18
  • https://developers.facebook.com/docs/reference/login/signed-request, https://developers.facebook.com/docs/facebook-login/using-login-with-games#parsingsr – CBroe Mar 20 '15 at 16:19

1 Answer

Based on the advice given, I went with something like this at page_load:

if (string.IsNullOrEmpty(Request["signed_request"]) || !accessAllowed(Request["signed_request"])) {
    // redirect or show error message
}

For the custom function:

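// Requires: using System; using System.Text; using Newtonsoft.Json;
private static bool accessAllowed(string signed_request) {
    try {
        // The payload (second part) is base64url-encoded: restore '+', '/' and the '=' padding first.
        string payload = signed_request.Split('.')[1].Replace('-', '+').Replace('_', '/');
        payload = payload.PadRight(payload.Length + (4 - payload.Length % 4) % 4, '=');
        dynamic data = JsonConvert.DeserializeObject(Encoding.UTF8.GetString(Convert.FromBase64String(payload)));
        // Only the payload is parsed; the signature in the first part is not verified here.
        return (string)data.page.id == "myPageId";
    }
    catch {
        // Missing part, malformed base64/JSON or no page.id: deny access.
        return false;
    }
}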

Using the library Json.NET.

What I was unable to find is where to get the "myPageId" before actually installing the app. So I will probably end up using some value stored in Web.config or another file on the web server (I could save it in a database, but this approach will save me a trip to the database).

Thx for all the help.

Hugo Silva
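The check above trusts the payload as received. As an added example (not part of the original answer), this version also verifies the signature before reading `page.id`, following the format in the Facebook docs linked in the comments: `signed_request` is `<base64url signature>.<base64url JSON payload>`, with the signature being HMAC-SHA256 over the encoded payload, keyed with the app secret. The names `SignedRequestCheck`, `appSecret` and `allowedPageId` are hypothetical; both values are assumed to come from server-side configuration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using Newtonsoft.Json.Linq;

public static class SignedRequestCheck
{
    // Decode base64url (RFC 4648 section 5): '-' and '_' alphabet, padding stripped.
    private static byte[] FromBase64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    // Compare without returning early on the first differing byte.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    // appSecret and allowedPageId are assumptions: values kept in server-side config.
    public static bool AccessAllowed(string signedRequest, string appSecret, string allowedPageId)
    {
        if (string.IsNullOrEmpty(signedRequest)) return false;
        string[] parts = signedRequest.Split('.');
        if (parts.Length != 2) return false;
        try
        {
            byte[] expected;
            using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(appSecret)))
                expected = hmac.ComputeHash(Encoding.UTF8.GetBytes(parts[1]));
            // Reject before parsing anything if the signature does not match.
            if (!FixedTimeEquals(FromBase64Url(parts[0]), expected)) return false;

            JObject data = JObject.Parse(Encoding.UTF8.GetString(FromBase64Url(parts[1])));
            if ((string)data["algorithm"] != "HMAC-SHA256") return false;
            return (string)data.SelectToken("page.id") == allowedPageId;
        }
        catch (Exception)
        {
            return false;   // malformed base64 or JSON
        }
    }
}
```

Without the signature check, any client can post a hand-built payload carrying the expected page id, so the page-id comparison alone does not restrict where the tab is loaded from.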