Facebook Platform Policy Update

I just got one of these notices as well, it seems using auth0 leaves us out of compliance with Facebook and risks us loosing access to login through it. The wording is pretty clear from Facebook.

“Platform Policy 8.2: Native iOS and Android apps that implement Facebook Login must use our official SDKs for Login.”

Additionally in the link they provide it states,

“Android apps should use the default login behavior defined by the SDK, which may use the web-view Login dialog. On iOS, only kiosk apps may use a web-view Login dialog.”

As for iOS apps it doesn’t seem they allow web view at all for non kiosk apps.

According to

If http://auth0.com/oauth/legacy/grant-type/access_token was supported again we could use the tokens provide by the native FB SDK to authenticate a user through auth0.

Is there way for us to pass up the tokens received from the native FB SDK to authenticate a user through auth0. If this is not possible and to stay in compliance we would have to resort to having our backend talk to FB directly, which we would need to avoid.

Correct me if I’m wrong, I’m just coming up to speed on this.