Facebook can be used as a federated authenticator in the Identity Server. Do the following to configure the Identity Server to authenticate users using their Facebook credentials.
This section gives you a quick understanding of configuring Facebook as Identity provider so that it acts as a federated authenticator. Check out the Logging in to your Application via Identity Server using Facebook Credentials tutorial to try out an end to end scenario of using Facebook as a federated authenticator.
To navigate to the federated authenticators configuration section, do the following. Fill in the details in the Basic Information section. You can configure the following federated authenticators by expanding the Federated Authenticators section followed by the required subsections. More Federated Authenticators
For more information, see Adding and Configuring an Identity Provider.
Fill in the details in the Basic Information section.
You can configure the following federated authenticators by expanding the Federated Authenticators section followed by the required subsections.
More Federated Authenticators
- Expand the Facebook Configuration form.
Fill in the following fields where relevant.
Field Description Sample value Enable Facebook Authentication Selecting this option enables Facebook to be used as an authenticator for users provisioned to the Identity Server. Selected Default Selecting the Default checkbox signifies that the Facebook credentials are the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators. Selected Client Id This is the username from the Facebook app. These are obtained from the Facebook App you create using your Facebook Developer account. See Logging in to your Application via Identity Server using Facebook Credentials for more information on how to do this. 1421263438188909 Client Secret This is the password from the Facebook app. Click the Show button to view the value you enter. 12ffb4dfb2fed67a00846b42126991f8 Scope You can restrict the claims sent to the Identity Server. This means you can restrict the claims by specifying them in the scope. User Information Fields You can send a comma separated list of claims that you need to receive. id,email,name Callback URL
This is the URL to which the browser should be redirected after the authentication is successful. It should have this format: https://(host-name):(port)/acs. Here ACS URL (Assertion Consumer URL) is the endpoint in WSO2 Identity Server which accepts the response sent by facebook.