How to Authenticate Your Facebook App - dummies

By Jamie Crager, Scott Ayres, Melanie Nelson, Daniel Herndon, Jesse Stay

The Auth dialog box allows the user to install your app on the user’s Facebook home page and authenticate the app. Authenticating an app grants it the permissions it needs to run properly. Permissions define which objects of a Facebook account the app needs. For example, if your app needs to post the user’s timeline, the Auth dialog box requests this permission from the user.

The App Details

The App Details form is available by clicking App Details in the left sidebar of your app setup. The App Details section allows you to define which permissions the app needs to request from the users when they click the app from Facebook’s App Center. The App Details section enables you to configure exactly how your app will appear and work in App Center.

Here is a description of the options in this form and how they affect your app’s appearance in App Center:

  • Primary Language: Leave this option set at the default for now. This option determines basic defaults for the language that the user sees when they use Facebook features of your app.

  • Display Name: Type the name of your app here. The name will appear across the top of the Auth dialog box.

  • Tagline: Type a short tagline, up to 40 characters. The tagline will appear below your app’s name.


  • Description: Enter a description of your app — what it does, why, and so on. You are limited to 130 characters.

  • Detailed Description: Enter a detailed description of your app, up to 1000 characters. This description will help users decide whether or not to install your app.


  • Explanation for Permissions: Type the description of the types of permissions your app needs to get from the user’s Facebook account. This description helps the user decide whether to authenticate the app.

  • Publisher: This field is optional. You can add the name of the person or company publishing the app.

  • Category: Choose the category and subcategory that best describe your app. This information helps users find your app.

  • Privacy Policy URL: Create a link in the Auth dialog box that takes the user to a page on your web server describing your privacy policy. Because your app accesses personal information on Facebook, you can use this option to assure users that their data is safe with you.

  • Terms of Service URL: Create a link in your Auth dialog box that takes the user to a page on your web server describing the rules or terms of service for your app.

  • User Support Email: Add an e-mail address. When users report or contact your app, their request will be sent to this address.

  • User Support URL: Add the URL to your support help desk or FAQ page. When users submit a report or contact the app, their request will be sent to this URL.

  • Marketing URL: This field is optional. Add a URL to your promotional website. This link will be visible on your app detail page as Visit App website.

  • App Page: Link a Facebook page to your app. The page must be categorized as an app page for it to link.

  • Listed Platforms: Select the platforms you want listed under the Available On section of your app detail page. You can choose between website with Facebook Login and App on Facebook.

  • Images: The remainder of this page is all about images. What you enter here depends on your app. Upload the images according to the sizing listed.

Request permission

In addition to the preceding options, you may need to tweak the permissions of your app. Click Permissions in the left sidebar. You see the Configuring Permissions section, which lets you define the permissions that Facebook requests from the user as well as set the default activity privacy.

The following options are available:

  • Default Activity Privacy: Choose the default privacy setting for your app’s activity. Users can change this setting in the Login dialog box. You can choose from Public, Friends, None (User Default), or Only Me.

  • User & Friend Permissions: Include required permissions, permissions that typically just request information rather than make changes to the user’s Facebook objects. Note that you must request access to each specific type of data. To get the user’s birthday, interests, location, relationship data, and so on, you’ll need a string in this field for each one.

    To enter permission, start typing the permission string in the field, Facebook will then suggest available strings based on what you type.

  • Extended Permissions: Typically, the Extended Permissions allow you to make changes to the user’s Facebook objects, such as posting and uploading photos and videos. The user can also revoke any of these permissions after authenticating your app. In most instances, revoking permissions for an app will break it or change how the app works.

    To enter a permission, start typing the permission string in the field. Facebook will suggest available strings based on what you type.


  • Auth Token Parameter: Some apps interact with the Graph API. An auth token, or authorization token, is passed to the Graph API to allow the app to interact with it on behalf of Facebook users. This sophisticated concept is designed for use with intricate apps. Check here for a full description of app authentication.