1

We developed a hybrid mobile application as front-end integrated with a backend, which includes a Facebook OAuth service. With this setup social authentication, through the web browser, it works fine.

Now we would like to use the native Facebook app installed on the mobile device (instead of the web browser) to authenticate our users against or backend, but we don't find how to implement the auth process.

Our backend follows OAuth2 of type "Authorization Code Grant" and, therefore, expects a code and a status parameters in the Facebook response (just like the first described auth). But in mobile, the Facebook SDK doesn't return these parameters, only an accessToken. Because of that, we can't implement the auth process in our backend.

Is it possible to perform the OAuth process using an accessToken instead of the authorization code? Maybe is it possible to obtain the code and status parameters from the accessToken parameter with Facebook API?

chick3n0x07CC
  • 678
  • 2
  • 10
  • 30
  • 1
    _“Maybe is it possible to obtain the code and status parameters from the accessToken parameter with Facebook API?”_ - no, that is not possible. You would have to implement that on your end somehow, that simply being passed an access token is considered an “alternative” to going through the exchange code for token process, and considers the user logged in the same way (after you checked whether the token is genuine, of course.) – CBroe Dec 11 '17 at 14:07

0 Answers0