Login the user with Facebook without revealing the APP ID

Question

MarPlo 1 Junior Poster in Training

11 Years Ago

Hi,
In the Facebook documentation about Login the user with Facebook APP they say:

"Because it requires you to include your App Secret you should not attempt to make this call client-side as that would expose this secret to all your app users. It is important that your App Secret is never shared with anyone".

I understend it is about APP Secret, but what about the Developer ID?
The developer ID is added in the URL address of the window for login the user with Facebook:
https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=...&state=...&scope=...
The APP_ID can be copied and used by anyone.
I tryed with JavaScript SDK, and with PHP SDK, but in both cases the developer ID appears in the address bar.
I tryed also the get and display the page from that URL address using cURL, but of course not works.
Is there any way to login the users in my web site using Facebook, without revealing the developer ID?
Or, it doesn't matter if someone uses your Facebook APP ID?

facebook social-media

2 Contributors
1 Reply
187 Views
5 Minutes Discussion Span
Latest Post 11 Years Ago Latest Post by Dani

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Dani 4,084 The Queen of DaniWeb Administrator Featured Poster Premium Member · Answer 1 · 2012-11-18T07:22:31+00:00

There is no way to hide this. Keep in mind that once someone agrees to "install" your app, it will show up in their Facebook profile along with the app id. So even if you find a way to hide it from the URL, they will have access to it.

No one can do anything without the secret key.