What action should I take in order to ensure Facebook login works after strict URI matching is added?
274 Views 3 Helpful

Question

What action should I take in order to ensure Facebook login works after strict URI matching is added?

Product

  • Social Login

Details

Facebook has recently announced[1] an important change to the way they are handling redirect URIs. Starting March 19th 2018, all URIs will be handled in 'strict mode'. For Gigya customers who use Facebook as a login provider, this means that the redirect URI defined for the Facebook app[2] in Gigya’s Console must exactly match the redirect URI passed in the login flow.

Gigya has been in contact with Facebook Engineering and are working on an update to address an issue identified with the 'mt' token being created by Gigya, the issue identified is that Gigya passes an 'mt' query parameter as part of the redirect URI, which causes the strict matching to fail. This token will be moved to another parameter recommended by Facebook before the security update. In the meantime clients should make the changes below to their Facebook app settings.

Answer

  1. Login to your Facebook app
  2. Click Settings under the Facebook Login product
  3. Change the Valid OAuth redirect URIs to one of the following formats:
    • https://<Your-Cname>/GS/GSLogin.aspx
    • https://socialize.<datacenter>/GS/GSLogin.aspx

Note: For an explanation about data centers, see Gigya’s Developer Guide[3].

Links

[1]: https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/
[2]: https://developers.gigya.com/display/GD/Facebook
[3]: https://developers.gigya.com/display/GD/Finding+Your+Data+Center

Was this article helpful?