Facebook is the native mobile app and mobile browser sharing session.

Question

Facebook is the native mobile app and mobile browser sharing session.

I have a website that allows me to log in via facebook and display photos from facebook.

When accessing a mobile browser, I would like the website to automatically log into the system (when you click the FB login button without entering a username and password) if the user is already registered through its own FB application (iOS or orriod). It looks like I can do this by creating my own iOS or Android application and using facebook's single sign-on feature. Is it possible to do this if the user has not installed anything on his mobile device?

+7

facebook mobile facebook-javascript-sdk fbconnect

Prasanth Dec 21 '12 at 19:03

source share

4 answers

Hamed al-khabaz · Answer 1 · 2013-01-01T17:42:46+0000

If they have never logged into facebook from their mobile device, how will your site ever recognize them?

Is it possible to do this if the user has not installed anything on his mobile device?

Like a PC, users on a mobile device must log in to their phone on the facebook website before you can automatically log in to your site. When I say it automatically, I mean that they still have to go the first time: "Do you allow this application / website to do X things in your account." This message is inevitable when using facebook api on the Internet.

Hope this answers your question.

basav · Answer 2 · 2013-01-07T11:09:50+0000

Is it possible to do this if the user has not installed anything on their mobile device?

No, that would be impossible. You must have your own or hybrid application (using your phone, etc.) to make it work. Mobile web applications run in a sandboxed browser environment and without built-in interface code - you cannot get to your own SSO FB on your mobile device.

domsom · Answer 3 · 2013-01-08T08:22:08+0000

It's impossible.

Autostart is based on authorization tokens that will be provided to the website or mobile application after the user approves the application. For security reasons, these tokens are closely related to the reason they were issued. In particular, tokens and mobile tokens are not interchangeable.

So, you can create your own mobile application to get your own token, but even if you manage to (cookie-) enter it into the browser view, the backend of your site will not be able to use it.

More generally, you are raising a problem, even facebook cannot solve it: say that you are using the facebook mobile application and have registered there. If you open the web version of facebook on the same phone, you will have to log in again. The main reason is the same as above. In particular, any native application cannot set arbitrary cookies in the OS browser. I personally believe that this restriction will not fall, because it will have a big impact on security - imagine how any application can set (and possibly receive) cookies for any website.

Stéphane · Answer 4 · 2013-01-07T15:51:19+0000

Have you looked at this facebook page? I’m not sure what you are asking, perhaps, as Babaw said, but perhaps you will have some clues.

Facebook is the native mobile app and mobile browser sharing session.

More articles: