This documentation is for WSO2 Identity Server 5.3.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Facebook can be used as a federated authenticator in the Identity Server. Do the following to configure the Identity Server to authenticate users using their Facebook credentials. See Login to the  

Note

This section gives you a quick understanding of configuring Facebook as Identity provider so that it acts as a federated authenticator. Check out the Logging in to your Application via Identity Server using Facebook Credentials

...

  1. Expand the Facebook Configuration form.
    Image Removed
  2. Fill in the following fields where relevant.

    FieldDescriptionSample value
    Enable Facebook AuthenticationSelecting this option enables Facebook to be used as an authenticator for users provisioned to the Identity Server.Selected
    DefaultSelecting the Default checkbox signifies that the Facebook credentials are the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators.Selected
    Client IdThis is the username from the Facebook app. These are obtained from the Facebook App you create using your Facebook Developer account. See Logging in to the Identity Server using Facebook Credentials for more information on how to do this.1421263438188909
    Client SecretThis is the password from the Facebook app. Click the Show button to view the value you enter.12ffb4dfb2fed67a00846b42126991f8
    ScopeYou can restrict the claims sent to the Identity Server. This means you can restrict the claims by specifying them in the scope.email
    User Information FieldsYou can send a comma separated list of claims that you need to receive. id,email,name

tutorial to try out an end-to-end scenario of using Facebook as a federated authenticator.

Tip
titleBefore you begin
  1. Create a Facebook account and register an application on Facebook.
  2. Sign in to the WSO2 Identity Server Management Console at https://<Server Host>:9443/carbon using your username and password
Excerpt

Follow the steps given below to add a new identity provider in WSO2 Identity Server.

  1. Download the WSO2 Identity Server from here and run it.
  2. Log in to the Management Console as administrator.
  3. In the Identity section under the Main tab of the Management Console, click Add under Identity Providers.
  4. Give a suitable name as the Identity Provider Name.
    Image Added
  5. Go to Facebook Configuration under Federated Authenticators


Enter the following values in the form that appears:

FieldDescriptionSample Value
Client Id

This refers to the App ID you received from the Facebook app you created.

Expand
titleDon't know the client ID? Click here for more information
  1. Go to https://developers.facebook.com/ and log in using your Facebook credentials.
  2. Click on your app from the My Apps drop-down list.
    You are navigated to the Dashboard of the application. Note down the App ID and the App secret.

Image Added

<Application ID of the Facebook App>


Client SecretThis refers to the App Secret you received from the Facebook app you created.<App Secret of the Facebook App>
ScopeDefines the permission to access particular information from a Facebook profile. See the Permissions Reference for a list of the different permission groups in Facebook APIs.  email
User Information FieldsThese are the claims related to the user account on Facebook. WSO2 Identity Server requests these fields from Facebook when a user is authenticated with Facebook through the IS. See public_profile permission for more information about these fields. id,name,gender,email,first_name,last_name,age_range,link
Callback UrlThis is the URL to which the browser should be redirected after the authentication is successful. This should be the commonauth endpoint of Identity server.https://localhost:9443/commonauth

Image Added


  1. Select both checkboxes to Enable Facebook Authenticator and make it the Default.

  2. Click Register.

You have now added the identity provider.

Panel
titleRelated Topics