Login with Facebook

Top  Previous  Next

Backendless integrates with Facebook to support user authentication and login into a Backendless application with a Facebook account. Using the integration application developer can provide a way to skip the application registration step and allow users to use their Facebook identity to enter and experience the application. Backendless provides two ways to handle Facebook logins:

Easy Facebook Login - The Facebook SDK is not required on the client. The client application makes a Backendless API call to initiate the login and the user authenticates in a Facebook popup window.
Login with Facebook SDK - The client application uses the Facebook SDK to authenticate the user and then delegates to a Backendless API call to link the Facebook identity to a BackendlessUser instance.

Both approaches - Easy Login and Login with SDK, rely on the concepts and a configuration change described below.

Property Mapping

Backendless user objects may have their own set of user properties. As a result, when a user logs in using their Facebook account, their Facebook Graph API user fields are mapped to the Backendless user properties. A single mapping references a Facebook user field and the name of a Backendless property. The mapping is a required as it dictates which Facebook properties must be used when creating a corresponding Backendless user account. Once the user is authenticated, Backendless obtains the field values from the Facebook user graph object and populates the mapped properties in the BackendlessUser object. For the very first login, Backendless also creates the user in its internal system.

Permissions

The client application can request the permissions from the user to access additional user information or perform various actions. Requested permissions is a collection of string objects passed as an argument in the Backendless API call to login a Facebook user.

The Facebook permissions can be found at https://developers.facebook.com/docs/facebook-login/permissions/v2.2#reference.

Backendless Configuration

Backendless backend must be configured with Facebook's application App ID and secret key. See the "Social Settings" chapter of the user guide (the Manage section) for detailed instructions for configuring Backendless with Facebook.

Easy Facebook Login

Backendless client SDK and the server-side implementation follows the following process to support the easy login option:

1.The client application initiates the Facebook login sequence by calling a method from the Backendless SDK.
2.The invocation results in a UI dialog where the user enters their Facebook credentials and submits the form.
3.The form submission is sent to Facebook.
4.Upon successful login, Facebook executes a redirect to the Backendless servers.
5.Backendless receives the user information from Facebook and returns it back to the client.

The diagram below illustrates the process:

backendless-facebook-login

API

 


Method

POST

URL

http://api.backendless.com/<version>/users/social/oauth/facebook/request_url

Sample Request Body

{
"fieldsMapping" :
    {
     "first_name" : "FirstName",
     "last_name" : "LastName"
  },
"redirect" : true,
"permissions" : ["email"]
}

where:

fieldsMapping- a mapping between the Facebook fields and Backendless user properties. Keys must be the names of the Facebook fields, values - the names of the Backendless properties. The Facebook keys correspond to the Facebook Graph API keys. Social properties will be copied to the Backendless user properties and should be updated manually in case of their change.
redirect- if set to true, the authorization URL will return with ‘303 See other’ response code.
permissions- a collection of the Facebook permissions/scopes, to which the application requests access.

 

Response Body

HTTP Response: 200 : response contains BackendlessUser object (with all props, except for password).
HTTP Response other than 200 in case of a social authorization, registration or a login error.

 

Example:

You can either use the mapping with or without permission to get email value.

Sample query without permission to get email value:

curl
-H application-id:<app id>
-H secret-key:<secret key>
-H application-type:REST
-H Content-Type:application/json
-X POST
-d'{"fieldsMapping":{"first_name":"First", "last_name":"Last"}, "redirect":true}'
-v https://api.backendless.com/v1/users/social/oauth/facebook/request_url

Sample query with permission to get email value:

curl
-H application-id:<app id>
-H secret-key:<secret key>
-H application-type:REST
-H Content-Type:application/json
-X POST
-d'{"fieldsMapping":{"first_name":"First", "last_name":"Last", "email":"email"}, "redirect":true, "permissions" : ["email"]}'
-v https://api.backendless.com/v1/users/social/oauth/facebook/request_url

Login With Facebook SDK

As the name suggests this option uses the Facebook SDK to handle the login to a Backendless application. The result of the operation is an instance of the BackendlessUser class which contains the property values initialized from the Facebook user account. Using the Facebook SDK with Backendless consists of the following steps:

Configure Backendless backend with the Facebook App ID/API Key.

Method

POST

URL

https://api.backendless.com/<versionId>/users/social/facebook/sdk/login

Request Body

{
 "accessToken" : value,
 "fieldsMapping" :
  {
     "first_name" : "FirstName",
     "last_name" : "LastName"
  }
}

where:

accessToken- Access token received from the Facebook SDK authentication request. This is a required value.
fieldsMapping- an optional mapping between the Facebook fields and Backendless user properties. Keys must be the names of the Facebook fields, values - the names of the Backendless properties. The Facebook keys correspond to the Facebook Graph API keys. Social properties will be copied to the Backendless user properties and should be updated manually in case of their change.

Response Body

a JSON representation of a BackendlessUser object.

Example:

Login request with field mappings:

curl \
-H 'application-id: APPLICATION-ID' \
-H 'secret-key: REST-SECRET-KEY' \
-H 'Content-Type: application/json' \
-H 'application-type: REST' \
-X POST \
-d'{"accessToken" : "CAANVVCKZA1Y0BAA4Z....", "fieldsMapping":{"first_name":"First", "last_name":"Last", "email":"email", "name":"name"}}' \
-v https://api.backendless.com/v1/users/social/facebook/sdk/login

Login response:

{"lastLogin":1454524395923,"created":1454524396000,"ownerId":null,"__meta":"{\"relationRemovalIds\":{},
\"selectedProperties\":[\"__updated__meta\",\"Last\",\"created\",\"name\",\"___class\",\"First\",
\"ownerId\",\"updated\",\"email\",\"objectId\",\"__meta\"],\"relatedObjects\":{}}","user-registered":
true,"Last":"Bond","name":"James Bond","___class":"Users","First":"Bond","user-token":
"E6D5DD4F-4F0D-4D99-FF3D-CCB8DFFB3400","updated":null,"email":"james@mi6.gov.uk"
"objectId":"3CBA1744-0487-320F-FF4D-E69B3F6D8500"}


Please let us know how we can improve the documentation by leaving a comment. All technical questions should be posted to the Backendless Support forum. We do not respond to the technical questions on the documentation pages.: