Was this article helpful?


Last modified 10:13, 23 Sep 2014

This page is a step-by-step guide for the process of opening and setting up an external application in Facebook as part of the Gigya Setup process.

Clients with sites defined under Gigya's European data center should replace domain references to (http:// or https://) "socialize.gigya.com" (or "socialize.us1.gigya.com") with "socialize.eu1.gigya.com". To verify site location contact your implementation manager.
Domain references are defined in Gigya's dashboard, externally in social network app definition pages, and when using Gigya's SDKs to set the domain (in particular the APIDomain field in class GSRequest). 

Note: Facebook apps require a domain alias (CNAME) that redirects to Gigya, for example "http://login.yoursite.com" which redirects to an address assigned by Gigya customer services.  Please ask your customer service representative for the precise redirection definition. Facebook apps without a CNAME will not be able to share, as Facebook no longer supports sharing without a CNAME.

Phase 1 - Opening the Application in Facebook

  1. Login to your Facebook account.
  2. Open the Facebook developer's page at: https://developers.facebook.com/apps?ref=mb.
  3. Click on "Create a New App".

    Create App button
  4. In the "Create a New App" box:
  5. Enter the Captcha and press 'Submit'. Note that after pressing submit, you receive no confirmation of a successful submit and the Captcha remains open. 
  6. Click on the "Settings" button on the left.
    • Copy the "App ID" and the "App Secret" strings (you will need to paste them in Gigya's website, as described in phase 2), use the Show button to see the "App Secret".
    • Enter your site's domain in the "App Domains" field. These are the domains within which OAuth will authorize your app to view data. For example, if you use the CNAME "login.mysite.com", the "App Domains" field must contain "mysite.com".​

  7. Click on the "Add Platform" button at the bottom of the Settings box and select "Website".  
    Add platform
  8.  Enter your website's address in the "Site URL" and your mobile site (if available) , then click "Save Changes".
    Note: To forcibly sign a user out of Facebook in socialize.logout, socialize.removeConnection or accounts.logout, the "Site URL" must match the name of your site.

     Enter website address and save changes
  9.  If you are defining an Android app for Facebook:
    Click the "+Add Platform" button and add an "Android" platform.  You will need to enter your Android app's "Package Name" and the "Class Name" of its Main Activity as well as the app's key hash. The key hash is a unique app identifier generated with the Java keytool utility: for more information about this and setting up Android apps for Facebook see https://developers.facebook.com/docs/android/getting-started).  Note that Android apps can be added at a later stage by updating the Facebook app and going to the "Settings" button's "Basic" tab (https://developers.facebook.com/apps/621977507869949/settings/basic/). 
    Facebook settings.jpg
  10. Select the "Advanced" tab of the Settings page:
    • Set "Native or desktop app?" to "No".
    • Set "App Restrictions" as you require.
  11. In the "Security" section of the "Advanced" tab set the following:
  12. Set the "Client OAuth Login" to Yes.
  13. In the "Valid OAuth redirect URIs" enter:
    • ​http://<CNAME>/GS/GSLogin.aspx?
    • https://<CNAME>/GS/GSLogin.aspx?
  14. If you are not using a CNAME for the connection to Gigya then in the "Valid OAuth redirect URIs" enter:
    • ​http://socialize.gigya.co​m/GS/GSLogin.aspx?
    • https://socialize.gigya.co​m/GS/GSLogin.aspx?​​
      Apps not using a CNAME are unable to share to Facebook.
      Users associated with our European data center should replace socialize.gigya.com with socialize.eu1.gigya.com.
      To forcibly sign a user out of Facebook in socialize.logout, socialize.removeConnection or accounts.logout, the "Valid OAuth redirect URI" must match the name of your site.
  15. Make sure your domain is included in the list of valid OAuth redirect URIs.
    Security settings
  16. Click the blue "Save Changes" button.
  17. Click on the "App Details" button on the left. For an explanation of the "App Details" fields see https://developers.facebook.com/docs/games/appcenter/guidelines.
  18. In the App Details "Contact Info" section enter relevant details. A privacy policy URL is required by Facebook, other URLs are optional. Click on "Create New Page" to setup a Facebook page for your app.
    Contact info
  19. In the "App Center Listed Platform" section, set Website to "Yes".
    App center listed platforms
  20. Enter icons, banners, screenshots and videos in the relevant sections. For Facebook information on the requirements see https://developers.facebook.com/docs/games/appcenter/guidelines.
    The minimum requirements for these sections are:
    • Icons section - At least a logo
    • Banners section - At least a web banner and cover image.  
    • Screenshots - At least 3 screenshots are required.
  21. Click the "Localize" button on the left if you want to configure your app's details for viewing in other languages.
  22. Optional: Facebook provide an option to request public approval of your app. Note that this may take some time and is not required for logging in with Facebook.  
    • If you do want to get Facebook approval, click on the "Status & Review" button on the left, set your app to be available to the general public (unless it is still being tested) and then click "Start a submission":
      Status & Review
    • A dialog box will open for you to select the Apps to be included in the submission (more than one app may be submitted at once).
    • A red triangle will appear next to "Status & Review" and any sections where additions are required. If you click on the App Details button, a message will tell you what items are missing.
      Ineligible for submission indicator  
  23. Optional: You can ask for login permissions beyond the basic ones. This will need to be submitted for approval by FB. Full list of additional permissions can be found here.
    • ​​If you want to ask for login permissions beyond the basic ones (email, public_profile and user_friends are the basic), you will need to include additional permissions by clicking on the "Add Items to this Submission" link.​​

​​                 File:010_Developer_Guide/82_Socialize_Setup/005_Opening_External_Applications/10_Facebook/clipboard_1399203886072.png

  • A pop-up window with a list of permissions will appear for you to select additional permissions. Select the additional items and click 'Add items'.

​​                 File:010_Developer_Guide/82_Socialize_Setup/005_Opening_External_Applications/10_Facebook/clipboard_1399204226622.png


  • ​You then need to click on the "Add Notes" link for each of the additional permissions.​

​​                 File:010_Developer_Guide/82_Socialize_Setup/005_Opening_External_Applications/10_Facebook/clipboard_1399204892154.png

  • After you click on 'Add Notes' you need to enter the following information for each item, and click 'save'.


  • In addition, on the Review Submission Form, you must upload a minimum of four screenshots that shows how the site is using Facebook in the app. 
  • Click the "Submit for Review" button to submit the app for approval.
Note: if you are using Facebook application v1.0, you can migrate to v2.0 and after you will be asked to include enhanced permissions as well.

Optional - for Advanced Users Only

  • If you are planning on using the Facebook External Application Canvas Page:
    1. Click the "Settings" button on the left.
    2. Click the "Add platform button" at the bottom of the Settings box, and select "App on Facebook". 
      App on Facebook
    3. In the "Canvas URL" field paste: http://<CNAME>/GS/SNLink.aspx?appid=<appid> ​
      Note that you cannot use a specific html page as a canvas URL: Use http://www.yoursite.com/canvas/ not http://www.yoursite.com/canvas.html
      Canvas URL settings 
    4. If you are not using a CNAME, then in the "Canvas URL" field paste: http://socialize.gigya.com/GS/SNLink.aspx ?appId=<appid> and in the "Secure Canvas URL" field paste: https://socialize.gigya.com/GS/SNLink.aspx?appId=<appid>  <appid> must be replaced with your App ID which is located at the top of the page.
      Note: If your site is defined under Gigya's European data center replace socialize.gigya.com with socialize.eu1.gigya.com.
    5. Click the "Save Changes" button.
  • If you are using a CNAME and would like to redirect users to other servers (i.e. for geographic distribution of load) and enable OAuth on additional subdomains, add your subdomains in the 'App Domain' field:
    1. Click the "Settings" button on the left.
    2. Enter your domain names in the "App Domains" field.
    3. Click the "Save Changes" button.
      Adding additional domains

Phase 2 - Configuring Facebook's Application Keys in Gigya's Website

  1. Go to the Dashboard section of Gigya's website.
    Note: If you are not signed in to Gigya, please go to http://www.gigya.com/ and sign in.
  2. Press the "Site Settings" button that corresponds to the domain you wish to configure. You will be redirected to the "Site Settings" page.


  3. select 'providers configuration' on the left hand side menu and click on 'Facebook'

  4. Paste your keys (the "Secret Key" and the "Application Id" from the end of phase 1) in the corresponding places:

  5. Select a Facebook API version to use with your app (Read more about Facebook API versions and permissions here).
  6. Enable native SDK capabilities. Requires that your domain was entered in the "Valid OAuth redirect URIs" (see stages 10-16 above).
  7. If you are defining a canvas application, enter the canvas page url you defined in Facebook. 
  8. Click the "Save Settings" button (located at the lower right-hand corner of the page).

A Note on Facebook API

To keep all of Gigya's and Facebook's functionality running smoothly, you must keep all of your Facebook apps using the same API version. As a rule of thumb, it is considered best-practice to keep them up-to-date to the latest one.
This is important for several reasons:

  1. Old versions are deprecated as new versions are released. Once an API version is deprecated, you can no longer create new apps using the old version.
    e.g. All Facebook apps created after April 30, 2014 are automatically assigned API V2.0, as stated in the Facebook upgrade guide. To keep all your apps using the same API, upgrade the old ones.
  2. Single-Sign-On required that all sites in a group use the same API version. You can use API V1.0, only if all of the sites in the group are using it. If you with to add a new site (with an app that was created after April 30th),
    you must upgrade all the apps in the group.

Gigya supports backwards compatibility, so an app's API version can be updated without the need to change implementation, by changing the selection on the Facebook configuration dialog radio button as seen in step 4 above. 

Phase 3 - Setting Up Your Facebook For Business Account

Facebook issues app-scoped user IDs to users who register to your app, meaning that a 'providerUID' obtained from Facebook is only valid in the scope of that particular app.
Since each app is associated with a single site, clients with multiple sites are recommended to create a business account in Facebook in order to bind users' data from all sites under a single business entity.
This step can be preformed at any point, and any existing Facebook app can be bound to the business entity that you create. 

Once you set up your business entity on Facebook, any user that registers to multiple sites is recognized across your different sites and his social data can be aggregated under a single identity.
 Gigya automatically recognizes your business and associates it to all of your apps, so no further configuration is needed other than setting up your Facebook business entity and associating all of your Facebook apps to your business.
App-scoped data can be obtained via the the identity object. The identity holds an array called 'mappedProviderUIDs' which contains pairs of Facebook 'Users ID' and the site API key that uses the associated app.

Note: Make sure all of your Facebook apps are using the same Facebook API version.  It is recommended to use the latest version.



That's it, Facebook configuration is complete! Please note that it might take up to 10 minutes for our system to become synchronized with Facebook.


Note: to learn how to localize your Facebook application to different languages, please refer to http://developers.facebook.com/docs/internationalization/.
Was this article helpful?
Pages that link here
Page statistics
28297 view(s) and 40 edit(s)
Social share
Share this page?


This page has no custom tags.
This page has no classifications.


You must to post a comment.