Permissions

Skip to end of metadata
Go to start of metadata

 

Description

The Permissions page of the Gigya Console allows you to manage the permissions you have for different social networks, including general and Facebook-related permissions.

To manage the site restrictions:

  • Please go to http://www.gigya.com/ and if you are not signed in to Gigya, sign in or create a new account.

  • Click the 'Settings' link on the upper menu:

  • Click the 'Permissions' link on the side menu:

General Permissions

Enable Retrieving User Contacts

Check the following checkbox if you plan on using the socialize.getContacts API method to retrieve the user's email contact list:

An additional advantage of checking this box is that when Sharing via Email , the email screen will provide users with an option to import contacts from their email providers.

When this box is checked, users signing in through Yahoo or Google will be asked to give permission to retrieve their contact list. Note that Google+ application definitions must enable the Contacts API to retrieve user contacts (see the Google+ setup page for more information).

The following is an example of the Google dialog that will be prompted while connecting to Google:

The following is an example of the Yahoo dialog that will be prompted while connecting to Yahoo:

Using these dialogs, the user can decide whether or not to grant your application permission to retrieve his Google/Yahoo contacts. If the user presses the "Allow"/"Agree" button, your application will receive indefinite privilege to retrieve his Google/Yahoo contacts, and the user will not be prompted by this dialog again.

Enable Mobile or Desktop Client Applications API Access

This checkbox is unchecked by default. Check this checkbox only if you plan on developing a smart client application that uses the Gigya API. Checking this checkbox allows Gigya's server to not validate your APIKey against a domain. This is necessary for non web client applications such as iPhone, Android, iPad and desktop applications.

Enable Retrieving User Interests and Activities

Check the following checkboxes if you plan on using the socialize.getUserInfo API method to retrieve the user's interests and activities:

The following social networks may include interests and activities in the user's information:

  • Facebook (interests, activities)
  • LinkedIn (interests)
  • Yahoo (interests)
  • Google (interests)

Facebook Permissions

When a Facebook user authorizes your application, your application gets access to the user's public profile data. To receive access to data that is not part of the users's public profile, and to perform actions with that data (e.g publish content to Facebook on a user's behalf), your app must request permission from the user to do so.
Permissions are divided to basic permissions and extended permissions As of version 2.0 of the Facebook API, apps that request permissions beyond the basic level permissions must be reviewed by Facebook before being published.

During the social login process, the user is presented with a UI in which the user can authorize your application to access that specific part of her profile.
 
Using this dialog, the user will decide whether or not to grant your application with the required permissions. 

Depending on the Facebook API version that your app is using. Different versions define different permissions.

    
                                            login permissions v2.0


With v2.x, the user can choose to accept only specific permissions out of the ones your app requests.

Under the 'Facebook Permissions' header in the Permissions page in your console, you can determine which extended permissions will be requested from the user.

Note: If your app is requesting Extended Permissions via the Gigya Permissions page that are not yet approved by Facebook, your users will see a red warning box stating that 'Some of the permissions below have not been approved for use by Facebook'.

For each Facebook API version that your app uses, there is a slightly different set of permissions.

Checked check boxes add permission requests to the list on Facebook's "Request for Permission" dialog.

 

In Facebook API v2.x, permissions are divided into basic and extended permissions. 

Granting of the permissions will enable you to do the following:

Basic Permissions 

  • Enable retrieving user's friends list
    *In API v2.0, this permission was removed from the default permission set. Apps that use v2.x must explicitly request to get access to a user's friends list.

The following options are all of the profile properties available in API v2.x and are now optional for users and, with the exception of  'public_profile, email, or user_friends', now require review and approval by Facebook if your app requests any of them. For more information see https://developers.facebook.com/docs/reference/login/extended-profile-properties/

Facebook API v2.0 Permissions

Extended Permissions (v2.0)

  • Enable publishing user actions 
    If the user presses the "Allow" button, you will be able to publish Open Graph Actions, including check-ins, to the user's Timeline, ticker & News feed using the socialize.facebookGraphOperation API method. Publishing permissions require extended permission from the user. For more information see https://developers.facebook.com/docs/reference/login/extended-permissions/.
  • Enable retrieving user's photos
    If the user presses the "Allow" button, you will be able to access photos the user has uploaded or been tagged in; giving the app the ability to create albums etc., from the users photos
  • Enable retrieving user's birthday
    Permission to receive access to a user's birthday information must be requested explicitly in v2.x
    If the users press the "Allow" button, you will be able to retrieve their birthday using the socialize.getUserInfo API method.
  • Enable retrieving user's location
    If the users press the "Allow" button, you will be able to retrieve their current city using the socialize.getUserInfo API method.
  • Enable retrieving user likes
    If the users press the "Allow" button, you will be able to retrieve any of the users likes.
  • Enable retrieving user's work history
    If the users press the "Allow" button, you will be able to retrieve their work history using the socialize.getUserInfo API method.
  • Enable retrieving user's education history
    If the users press the "Allow" button, you will be able to retrieve their education history using the socialize.getUserInfo API method.
  • Enable retrieving user's 'About me' section
    If the users press the "Allow" button, you will be able to retrieve their 'About me' section using thesocialize.getUserInfo API method.
  • Enable retrieving user's hometown
    If the users press the "Allow" button, you will be able to retrieve their hometown using the socialize.getUserInfo API method.
  • Enable retrieving extended user's website
    If the users press the "Allow" button, you will be able to retrieve their website URLs using the socialize.getUserInfo API method.
  • Enable retrieving user's relationships
    If the users press the "Allow" button, you will be able to retrieve the user's personal relationship details.
  • Enable retrieving user's religion and political view
    If the users press the "Allow" button, you will be able to retrieve their political views and religion.

For a complete listing of the possible data fields you can request from Facebook (with the proper approval) see the list of Gigya's Natively Supported API Objects.  For a complete list of all possible fields available via the Facebook User Object, please review Facebook's Graph API Reference or here for more information on making direct API calls with the Gigya API.

LinkedIn Permissions

In this part of the site setup you can determine which extended permissions will be requested from the user.

Granting the permissions will enable you to do the following:

  • Enable retrieving email addresses
    Send emails to the users' mailbox using LinkedIn contact email. If a user chooses to press the "Allow access" button, you will receive their email address. The email address is provided as a field of the User object (named "email"), which you receive as part of the user Social Login process, or by calling the socialize.getUserInfo API method.
  • Enable posting content to user stream
    If the user presses the "Allow access" button, you will be able to post content to the user's stream.
  • Enable sending notifications
    If the user presses the "Allow access" button, the user will be able to send notifications to a list of friends.
  • Enable retrieving full profile
    If the user presses the "allow access" button, you will receive their full profile information, including experience, education, skills and recommendations.
  • Enable retrieving additional user contact details
    If the users press the "Allow access" button, you will be able to retrieve their address and phone number using the socialize.getUserInfo API method.
  • Enable retrieving connections
    If the user presses the "Allow access" button, you will be able to retrieve their connections.

 

During the social login process, the user is presented with a UI in which the user can authorize your application to access that specific part of his profile:

Enabling Extended Info Permissions requires that you register as a partner with LinkedIn. This process is subject to LinkedIn approval and can take up to 15 business days.

For more information, see https://developer.linkedin.com/ and https://www.linkedin.com/secure/developer.


Using this dialog, the user will decide whether or not to grant your application with the required permissions. If the user presses the "Allow access" button, your application will receive indefinite privileges, and the user will not be prompted by this dialog again.

For more information see our LinkedIn guide.


PayPalOAuth

Here you can choose whether to gather the users  Email address Street address , and/or  Phone number  by selecting the corresponding options and clicking the  Save Permissions  button on the lower right-hand section of the page.

 


Permissions to Scope

 

Permissions By Provider - Overview

This section outlines the mapping of Provider Permissions in the Gigya Console to their respective scopes within the social network.

 

General Permissions

Console PermissionScope When Enabled
Enable retrieving user contactsGoogle+ Manage your contacts

 

Facebook Basic Info Permissions

Console PermissionScope When EnabledReports Label In CI
Enable retrieving email addressesemailN/A
Enable retrieving user's friend listuser_friendsN/A
The default Facebook user object. This is retrieved automatically by Gigya for all apps and can not be disabled.public_profileHighlights->Profile, Highlights->Age, Highlights->Gender, Demographics->Gender, Demographics->Age

 

Facebook Extended Info Permissions

Console PermissionScope When EnabledReports Label In CI
Enable publishing user actionspublish_actionsN/A
Enable retrieving photosuser_photosN/A
Enable retrieving user's birthdayuser_birthdayDemographics->Location
Enable retrieving user's locationuser_locationN/A
Enable retrieving user likesuser_likesHighlights->Top Likes, Interests
Enable retrieving user's work historyuser_work_historyDemographics->Top Job Titles
Enable retrieving user's educationuser_education_historyDemographics->Top Schools, Demographics->Education
'About Me' sectionuser_about_meN/A
Enable retrieving user's hometownuser_hometownN/A
Enable retrieving user's web siteuser_websiteN/A
Enable retrieving user's relationshipsuser_relationships, user_detailsDemographics->Relationship Status
Enable retrieving user's religion and political viewuser_religion_politicsN/A

 

LinkedIn Basic Info Permissions

Console PermissionScope When Enabled
Enable retrieving email addressesr_emailaddress
Enable posting content to user streamw_share
Enable sending notificationsw_messages

 

LinkedIn Extended Info Permissions

Console PermissionScope When Enabled
Enable retrieving full profiler_fullprofile
Enable retrieving additional user contact detailsr_contactinfo
Enable retrieving connectionsr_network

 

PayPal Permissions

Console PermissionScope When Enabled
Enable retrieving email addressemail
Enable retrieving user's addressaddress
Enable retrieving user's phonephone