Facebook OAuth2.0 V1.0

Learn how to configure a connection to Facebook via OAuth2.0.


Introduction

Each SSO Identity Provider requires specific information to create and configure a new Connection (through Application registered). Often, the information required to create a connection will differ by Identity Provider.


Facebook integration with Cripsa using OAUTH2.0 consists of 4 parts,
  • 1. Create a project/select (an existing) project by logging into https://cripsa.com
  • 2. Create an App in Facebook Console using enterprise subscription in https://developers.facebook.com/
  • 3. Use App ID and App Secret information of the FACEBOOK account for App registration with Cripsa.
  • 4. Use the Final URI received to call against the User click to start the Authentication process workflow.

Create Project through Cripsa

Login to Cripsa Dashboard by using email account


Facebook OAuth2.0 V1.0 Image-1

Once logged in Create project for OAuth2.0.


Facebook OAuth2.0 V1.0 Image-2

Fill all the details. All the fields are required.


Facebook OAuth2.0 V1.0 Image-3

Click on “Create Project”.


Facebook OAuth2.0 V1.0 Image-4

Note Down all the above highlighted information which will be used while creation of the App in Google Console (https://console.cloud.google.com).


Facebook OAuth2.0 V1.0 Image-5

What Cripsa provides

Cripsa provides the “Authorized Java-http Origin” and “Authorized Redirect URI”. It’s readily available in your Project Detail page of Cripsa Dashboard.


Facebook OAuth2.0 V1.0 Image-6

The Authorized Redirect URI is the location an Identity Provider redirects its authentication response to. In Facebook’s case, it needs to be set by the Enterprise when configuring your application in their FACEBOOK Console.

The Authorized Java-http Origin is a URI used to identify the issuer of a OAuth2.0 request, response, or assertion. In this case, the Authorized Java-http Origin is used to communicate that, Cripsa will be the party performing OAuth2.0 requests to the Enterprise’s FACEBOOK App instance.


What you’ll need

To integrate you’ll need the OAuth Client App Credentials (APP ID and APP Secret) from Facebook Developer portal.

Normally, this information will come from your Enterprise customer’s IT Management team when they set up your application’s OAuth 2.0 configuration in their FACEBOOK Developer portal Console. But should that not be the case during your setup, here’s how to obtain it.


1. Log in

Log in to the FACEBOOK Developer portal

https://developers.facebook.com/apps/, select “Create App”.


Facebook OAuth2.0 V1.0 Image-7
Facebook OAuth2.0 V1.0 Image-8
Facebook OAuth2.0 V1.0 Image-9

Create Platform

Go to App and Select Settings->Basic, go to bottom of the screen and select “Add Platform”


Facebook OAuth2.0 V1.0 Image-10
Facebook OAuth2.0 V1.0 Image-11

Select Website and click on Next.


3. Add Pool Domain Information

Pool domain information you have got while creation of the Project in https://cripsa.com


Facebook OAuth2.0 V1.0 Image-12

The above two information will be used to integrate Facebook App with Cripsa.

Go to Settings->Basic and in “App Domain” field put the detail of “Authorized Java-http Origin” detail and click on “Save Change” button.


Facebook OAuth2.0 V1.0 Image-13

Now go to the Dashboard and select Facebook Login Setup.


Facebook OAuth2.0 V1.0 Image-14

Now Expand the Facebook Login menu in the left pane and select Settings.


Facebook OAuth2.0 V1.0 Image-15

Put the Authorize Redirect URI information of Create Project into “Valid OAuth Redirect URIs” box as shown above and click on “save changes”.


4. Add Users for testing

Here you can add the users through which client wants to test the OAuth2.0 Workflow.


Facebook OAuth2.0 V1.0 Image-16
Facebook OAuth2.0 V1.0 Image-17

Note: One might get some issue while creating test user. At the time of creation of document Facebook has disabled this feature of creation of test users.


Obtain Identity Provider Details

Note Down App ID and App Secret which is needed while registering this App through https://cripsa.com


Go to Settings->Basic and note down both the information.


Facebook OAuth2.0 V1.0 Image-18

6. Register Facebook App with Cripsa

If you haven’t noted the App Credentials (App ID and App Secret), select your application, and click “Settings->Basic”.


Facebook OAuth2.0 V1.0 Image-19

Now go back to https://cripsa.com/oauth-register-app ->Select your project you have just created.


Facebook OAuth2.0 V1.0 Image-20

Here Three Fields are Mandatory to fill:

  • Register Type
  • IDP Client ID (App ID)
  • IDP Client Secret (App Secret)

In the Register Type there are four options, and one has to select anyone of them as per your requirement. For more information on these options please see FAQ.


Facebook OAuth2.0 V1.0 Image-21

Now Put the App Credentials and Click on “Register OAuth2.0 App”


Facebook OAuth2.0 V1.0 Image-22

The URI got in the final response will be called as part of the Login Click Button by the Client.


Facebook OAuth2.0 V1.0 Image-23

7. Testing

Now use Code URI to login to App to get Code and redirection.


Facebook OAuth2.0 V1.0 Image-24
Facebook OAuth2.0 V1.0 Image-25
Facebook OAuth2.0 V1.0 Image-26
Facebook OAuth2.0 V1.0 Image-27
Facebook OAuth2.0 V1.0 Image-28

For Getting the AccessToken and IdToken use Token URI.


Facebook OAuth2.0 V1.0 Image-29
Facebook OAuth2.0 V1.0 Image-30
Facebook OAuth2.0 V1.0 Image-31
Facebook OAuth2.0 V1.0 Image-32
Facebook OAuth2.0 V1.0 Image-33

Frequently asked questions

1. How many Registration Options available in Cripsa for OAUTH2.0 and what is the difference between them?


In the Register Type there are four options:

  • Registration of OAth2.0 Only
  • Registration of OAth2.0 in Separate Client
  • Registration of OAth2.0 with Other Already registered Auth Type Apps/Method with MFA
  • Registration of OAuth2.0 with Other Already registered Auth Type Apps/Method without MFA
Facebook OAuth2.0 V1.0 Image-34

Only the Login screen would be Different for each Registration Type.


Facebook OAuth2.0 V1.0 Image-35
Figure 1 Registration of OAuth2.0 Only
Facebook OAuth2.0 V1.0 Image-36
Figure 2 Registration of OAuth2.0 in Separate Client
Facebook OAuth2.0 V1.0 Image-37
Figure 3 Registration of OAUTH2.0 with Other Already registered Auth Type Apps/Method with MFA

Here in the above diagram one can see MFA is available along with OAUTH2.0 authentication.


Facebook OAuth2.0 V1.0 Image-38
Figure 4 Registration of OAuth2.0 with Other Already registered Auth Type Apps/Method with MFA

Here in the above diagram one can see MFA is available along with OAUTH2.0 and OAUTH 2.0 authentication.


Facebook OAuth2.0 V1.0 Image-39
Figure 5 Registration of OAuth2.0 with Other Already registered Auth Type Apps/Method without MFA