Signing in users with Facebook
This document shows you how to use Identity Platform to sign in users with Facebook.
Before you begin
This tutorial assumes you've already enabled Identity Platform, and have a basic web app written using HTML and JavaScript. See the Quickstart to learn how.
Configuring Facebook as a provider
To configure Facebook as an identity provider:
Go to the Identity Providers page in the Google Cloud console.
Click Add A Provider.
Select Facebook from the list.
Enter your Facebook App ID and App Secret. If you don't already have an ID and secret, you can obtain one from the Facebook for Developers page.
Configure the URI listed under Configure Facebook as a valid OAuth redirect URI for your Facebook app. If you configured a custom domain in Identity Platform, update the redirect URI in your Facebook app configuration to use the custom domain instead of the default domain. For example, change
https://myproject.firebaseapp.com/__/auth/handler
tohttps://auth.myownpersonaldomain.com/__/auth/handler
.Register your app's domains by clicking Add Domain under Authorized Domains. For development purposes,
localhost
is already enabled by default.Under Configure your application, click Setup Details. Copy the snippet into your app's code to initialize the Identity Platform Client SDK.
Click Save.
Signing in users with the Client SDK
Create an instance of the Facebook provider object:
JavaScript
var provider = new firebase.auth.FacebookAuthProvider();
Optional: Add OAuth scopes. Scopes specify what data you are requesting from Facebook. More sensitive data may require specific scopes. Consult the provider's documentation to determine what scopes your app needs.
JavaScript
provider.addScope('user_birthday');
Optional: Localize the authentication flow. You can specify a language, or use the device's default language:
JavaScript
firebase.auth().languageCode = 'it'; // To apply the default browser preference instead of explicitly setting it. // firebase.auth().useDeviceLanguage();
Optional: Specify additional custom OAuth parameters. These are specific to Facebook, and are typically used to customize the authentication experience. You can't pass parameters reserved by OAuth or Identity Platform.
JavaScript
provider.setCustomParameters({ 'display': 'popup' });
Use the Facebook provider object to sign in the user. You can either open a pop-up window, or redirect the current page. Redirecting is easier for users on mobile devices.
To show a pop-up, call
signInWithPopup()
:JavaScript
firebase .auth() .signInWithPopup(provider) .then((result) => { /** @type {firebase.auth.OAuthCredential} */ var credential = result.credential; // The signed-in user info. var user = result.user; // This gives you a Facebook Access Token. You can use it to access the Facebook API. var accessToken = credential.accessToken; // ... }) .catch((error) => { // Handle Errors here. var errorCode = error.code; var errorMessage = error.message; // The email of the user's account used. var email = error.email; // The firebase.auth.AuthCredential type that was used. var credential = error.credential; // ... });
To redirect the page, first call
signInWithRedirect()
.Follow the best practices when using
signInWithRedirect
,linkWithRedirect
, orreauthenticateWithRedirect
.JavaScript
firebase.auth().signInWithRedirect(provider);
Then, retrieve the Facebook token by calling
getRedirectResult()
when your page loads:JavaScript
firebase.auth() .getRedirectResult() .then((result) => { if (result.credential) { /** @type {firebase.auth.OAuthCredential} */ var credential = result.credential; // This gives you a Facebook Access Token. You can use it to access the Facebook API. var token = credential.accessToken; // ... } // The signed-in user info. var user = result.user; }).catch((error) => { // Handle Errors here. var errorCode = error.code; var errorMessage = error.message; // The email of the user's account used. var email = error.email; // The firebase.auth.AuthCredential type that was used. var credential = error.credential; // ... });
Once you have an access token, you can use it to call the Facebook API. For example:
REST
curl "https://graph.facebook.com/me?fields=id,name&access_token=[TOKEN]"
Signing in users manually
If you don't want to use the Client SDK, you can also handle the sign-in flow manually.
This sign-in method also supports Facebook Login for Gaming as an IdP. Identity Platform doesn't support manually implementing Facebook Login for Gaming. It only accepts the tokens for exchanging Identity Platform credentials.
Integrate Facebook or Facebook Login for Gaming authentication into your app by following the steps in their developer documentation:
Sign in the user with Facebook or Facebook Login for Gaming using the flow you implemented in the previous step.
Exchange the token you receive from Facebook or Facebook Login for Gaming for an Identity Platform credential:
JavaScript
var credential = firebase.auth.FacebookAuthProvider.credential(accessToken);
Use the credential to sign in the user with Identity Platform:
JavaScript
// Sign in with the credential from the user. firebase.auth() .signInWithCredential(credential) .then((result) => { // Signed in // ... }) .catch((error) => { // Handle Errors here. const errorCode = error.code; const errorMessage = error.message; // The email of the user's account used. const email = error.email; // ... });
What's next
- Learn more about Identity Platform users.
- Sign in users with other identity providers.