Is it possible to register Facebook account without having email tied to that account? I am asking because in some responses (1 out of 10000) I don't get email (I have perms="email" in request to API)?
Anyone have experience with this problem? What response do you display to user in this case?
Actually it is possible, for the case user signed up via facebook mobile app on a phone, and registered using a phone number.
email permission isn't one that blocks user from logging in, once granted it can be removed manually by user and he can avoid granting it in the future interactions with your app/site.
At least Facebook's JavaScript SDK passing user identity even if user skip granting email permission.
It is not possible to register a facebook account without an email. If you have users connecting your application but you can't see their email address, they probably denied permission.
It's not possible to have a facebook account without email, but it's possible to have it with unconfirmed email, in which case it's not provided via API:
Facebook Email field return null (even if the “email” permission is set and accepted)
Related
I am using AWS Cognito to manage my user pools. Users can signup using email, Apple, Facebook & Google.
Email registered users are required to confirm their account (through email verification). I want to have the same behaviour for social signup but unsuccessful (will leave this issue for another question).
I am using AWS Pinpoint to reach my user pool by email. When creating a campaign only users who did signup with email & password receives the email (not social users), and I don't understand why. Any idea of what could be the cause of the problem, or perhaps the solution?
Additional information:
Tried verify social user's emails manually (using aws admin privileges) => users still don't receive emails.
Did export my segment to csv, and apple relay email endpoints are in the segment (with an Active status) => but still no email received by social users (not forwarded for this case)
Thank you all for you assistance
While using Android SDK Cognito does not add users automatically to the user pool if user logins with a 3rd parth identity provider like Google or Facebook.
What is the best way to do this? Should I register user from Android app?
After successful login I can look for the user with the related email and that I can show a user information for to let them enter their info.
Thank you.
What worked for me - let the users authenticate using Cognito (not FB or Google directly). The Cognito logon page can further delegate the social network authentication and adding users to the user pool
https://docs.aws.amazon.com/cognito/latest/developerguide/login-endpoint.html
(I know this is the web endpoint)
I can show a user information for to let them enter their info
the id_token received after logon contains the user email if you request it, you don't need to add users to the pool to get this information
According to Scopes for Google SignIn, there is no 'phone' scope, the only scopes are openid, email, profile.
My Cognito User Pool has a phone user attribute, and it is required.
For users who sign-up directly with the user pool, they enter their phone number in Amazon's hosted UI which displays a phone field in the sign up form, all good.
For users who sign-up with Google, they get an error. I've traced it to the fact that Google doesn't send over a phone_number and the mapping from Google to User Pools attribute fails. If I create a new pool, which does not require a phone_number federation to Google works, the moment I require that attribute it fails, despite the fact that the Google Account I test with has a phone_number.
Is mapping phone really not possible when sign in with Google federated to Cognito User Pool?
Is it possible for the the hosted SignUp UI to show a field for my Google users asking them to fill in the phone number between them authenticating with Google and the hosted UI redirecting to my redirect URL?
Alternate solutions?
I also faced the same issue. To get this to "work" I had to sadly remove the phone number requirement which also meant I had to make a new user pool.
Now AWS provides phone scope
Step-1 Go to user pool's App client settings page.
Step-2 click the phone option.
Step-3 Go to user pool's Attribute Mapping page page.
Step-4 Map external identity provider's attribute to user pool attribute. (I am using Google)
Has Facebook always verified the email addresses for their users?
I am building an app with Django (using python-social-auth) where I want people to be able to login with their Facebook account. As far as I understand, the email is always verified. Even in the case when the person who has signed up used his/her phone number. If they enter an email later on, this email will still be verified.
However, I am not sure this was the case earlier. Can we trust that all the emails have been verified by Facebook for all the accounts?
More recently, the short answer is: Yes, if you get email from Facebook, this is verified email.
Also, remember that users may not have it set (i.e. phone registration) and probably, if you want to handle them, you will need to extend your pipeline to verification.
(But that allows you to handle for example twitter)
Anyway, more info in twin topic: Is it possible to check if an email is confirmed on Facebook?
In case anyone finds this question again, as of 2021, Facebook's documentation says that the email obtained from Facebook needs to be verified.
"1. Ensure the Facebook Login email address is verified
If you use an email address as the unique credential which identifies each account, your app should verify that the email address associated with the person's Facebook account (and obtained during Facebook Login) is valid. You can do this by creating code in your app to send a verification email to the address obtained after Facebook Login."
Source: https://developers.facebook.com/docs/facebook-login/multiple-providers#postfb1
I need to get the facebook friends email ids of a user providing his login email id and password. That is, if we enter the facebook login email id and password we need to get the friends from facebook. So far i was only able to get the examples which uses Api_Key and Api_Secret. Even the Graph api is using Access Token. Is there any way to access the friends using email id and password? Please help.
This is against Facebook's Terms of Service. Specifically policy I.2:
You must not include functionality that proxies, requests or collects
Facebook usernames or passwords.
Also, you would be required to use the Facebook API which does not provide access to friends email addresses.
You'll need to ask your users to authenticate using the Facebook API. You shouldn't be collecting email and passwords on behalf of users. However, if you ask for offline access, then when you do this, you can access the data any time.
Facebook uses oAuth, so you and your application will never see the password of the user that you are getting permission for. oAuth (used by Twitter and Google as well) requires a bit of a handshake to get authenticated, but once you do, you can get permission from the user to do whatever you want, as long as they accept.
Check out https://developers.facebook.com/docs/guides/web/#login for more on how Facebook does authentication.