Facebook

The Facebook Authentication Provider enables the Cloud CMS Application Server to authenticate, validate tokens and load user profile information against Facebook.

Facebook API Keys

To use this provider, you will first need to set up a Developers Account within Facebook and create an application therein. Doing so will give you a set of API tokens:

  • appId - the Facebook application ID token
  • appSecret - the Facebook application Secret token

Configuration

Here are all of the properties that may be configured:

"auth": {
    "enabled": true,
    "providers": {
        "facebook": {
            "enabled": true,
            "appId": "{Facebook App ID}",
            "appSecret": "{Facebook App Secret}",
            "successRedirect": "",
            "failureRedirect": "",
            "autoRegister": true,
            "registrationRedirect": "",
            "passTicket": true,
            "passToken": true
        }
    }
}

With the following properties:

  • enabled - whether the authentication provider is enabled
  • appId - provided by Facebook
  • appSecret - provided by Facebook
  • successRedirect - the URL to redirect to if the end user successfully authenticates
  • failureRedirect - the URL to redirect to if the end user fails to authenticate
  • autoRegister - whether to automatically create a Cloud CMS user (if none found) upon authentication
  • registrationRedirect - the URL to redirect to for user registration if a Cloud CMS user is not found
  • passTicket - whether to pass the authentication ticket back as the ticket parameter in the successRedirect
  • passToken - whether to pass the authentication access token back as the token parameter in the successRedirect

Examples

Here is a simple configuration where we provide our API Keys and fallback on the defaults for everything else.

"auth": {
    "enabled": true,
    "providers": {
        "facebook": {
            "enabled": true,
            "appId": "{Facebook App ID}",
            "appSecret": "{Facebook App Secret}"
        }
    }
}

Here is another example where we redirect to the error.html page if the user failed to log in. We also set things up so that a user account will be created automatically if a user couldn't be found for the authenticated Facebook user.

"auth": {
    "enabled": true,
    "providers": {
        "facebook": {
            "enabled": true,
            "successRedirect": "/index.html",
            "failureRedirect": "/error.html",
            "appId": "{Facebook App ID}",
            "appSecret": "{Facebook App Secret}",
            "autoRegister": true,
            "passTicket": true,
            "passToken": true            
        }
    }
}