Performing an OAuth PHP facebook website authentication

Daniel Redfern

Author: Daniel Redfern
Blog Created: Aug 11, 2016
Last Updated: Sep 7, 2019

alt text

You're building your new web application though you want your users to first authenticate against Facebook. Furthermore, you want to validate that they did actually confirm with Facebook that the person actually authenticate and not telling porkies! How about authorization though within your application? maybe you use the username of the authenticated user to then extract the data from your web application database... perhaps mysql?

If you were pondering on how to do that OR you were baited in by linked in, then you've come to the right place! A few months ago I uploaded 3 videos on how to this from scratch. There was ABSOLUTELY no reason why I did this, none of my blogs or application incorporate OAUTH with facebook. Though I know what 2017 Daniel will 'google' something similar and will then thank 2016 Daniel for his worthless commitment to the IT society

If you're wondering why I changed my shirt 3 times over the 26mins, it's because it was over separate days, not because I perspirant violently

Regardless, let's get down to it! When someone connects with an app using Facebook Login, the app will be able to obtain an access token which provides temporary, secure access to Facebook APIs. An access token that is passed is simply a long string that identifies a user, the application or the page that can be used by the application. The token includes information about when the token will expire and which application initially generated the token. The beauty of the OAuth token and most APIs to Facebook (or any application for that matter) is that you must pass that access token to almost all APIs.

Part one

Part two

Part three

Tags: IAMOAuth

About Daniel Redfern

Italian Trulli

Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space. Daniel has built from scratch this blog as well as Follow Daniel on twitter @nervouswiggles