We are building a web application and right now we are in the stage of deciding how to keep track of our users. Our default option is to maintain our own user registration system which is a lot of headache (user name uniqueness, registration process, etc...).
As an alternative we can use people's Facebook identity, meaning they will log in to our system using their Facebook's email and password. Then our back-end will fetch the user's Facebook id (Graph id), and store it in the DB. Any data that the user will change/upload to the application will be linked to this id.
The question is, can we trust the id as a permanent identifier, and build a complex back-end around it. How can we be sure that Facebook won't change someone's id ?
Does other identity management systems like Azure Access Control rely on this id?