Auth0 Home Blog Docs

Facebook login with new Strict mode URL requirements will not work

social-connections
facebook

#1

Facebook has announced that in March, they will require Facebook login apps to provide exact URL’s of the redirect URL’s:
https://developers.facebook.com/docs/facebook-login/security/#strict_mode

So this has been optional but in March will be required to “on”. This is a big issue for me, since the redirect URL has the access token #access_token=123456789 - this makes it impossible to put in the exact URL user will be redirected to upon logging in.

Am I missing something or is this a big problem for Auth0 with Facebook login? What is the fix here to enable Strict Mode to prepare for when Facebook will force this setting?


#2

I was able to find solution for this, as described in this article:
https://auth0.com/docs/connections/social/facebook

You have to put: https://exampleco-enterprises.auth0.com/login/callback
in the oAuth Redirect field (where exampleco-enterprises.auth0.com is your Auth0 domain). This will work in “strict mode” that Facebook is going to enforce in March