This document provides information on using Facebook authentication and OAuth on websites. It discusses Facebook authentication which works on the OAuth 2.0 protocol. OAuth attempts to provide a standard way for developers to offer services via an API without exposing user passwords. It defines terminology like app ID, app secret, token, and callback URI used in the OAuth flow. Notable changes to the Facebook developer platform include removal of offline access and merging of the Facebook share button and like button. The document also covers Open Graph tags and terminology.

1. How to use FB/OAuth on websites
• Facebook Authentication - works on the OAuth protocol 2.0
• It was introduced in 2006
• Make User grant access to the private resources of the one
website(service provider) to another website (the consumer)
• OAuth attempts to provide a standard way for developers to offer
their services via an API without forcing their users to expose their
passwords

2. Terminology
• AppId : Unique Identifier Code with which the purticular application is recognized
• App Secret: The App Secret is used in some of the Login flows to generate access
tokens and the Secret itself is intended to secure usage of your App to only those
that are trusted.
• Canvas App: The Page in which your app is loaded.
• Token: Unique Identifier issued by server
• CallBack Uri: Url to which the page is redirected after authentication or Authorization
• Oauth_token/App Access Token: App Access Token which can make API requests
on behalf of any user of the app
• http/1.1 XXX: STATUS
• 200 : Status Ok – Success
• 403 : Status Not Ok – Un Authorized
• 400: Status Not Ok – Bad Request

3. OAuth Flow

4. Notable Changes on Dev FB
●
Offline_access(removed).
●
FB Share has been merged with like button.Like button now internally used
for sharing.
●
Canonical URLs used when fetching Open Graph objects. We will start
using canonical URLs (e.g. the URL set in an og:url tag, 301/302
redirects, etc.) when fetching objects (e.g.
http://graph.facebook.com?ids=http://developers.facebook.com).
Some of the changes made in the developers website can be found on
https://developers.facebook.com/roadmap/completed-changes/

5. Open Graph
• A Simple Example : og:urls and
other og: tags in our website
header.
• This describes about users action
that has been done using
facebook API on third party
websites.

6. Open Graph Terminology
 Actions : Facebook has defined a set of
common actions for use in apps that
describe interactions. The types of actions
that people can perform in your app.
Example: Read,write,read etc.,. You can
also create mode custom Actions.
 Collections : aggregations have been
replaced by collections.
Example : For an action drive example
collection will be Recently Drove.
 Objects: The types of objects that people
interact with in your app.
For more Information Visit:
https://developers.facebook.com/docs/opengraph

7. FB Application we use we have
Applications:
1. BMS : Used for General Logins and all facebook actions across the live site
2. BMS Test Used : Used for all general Facebook actions and logins on test site
or for any test application
3. TicketBuddy : Live Bookmyshow application to sells tickets through Facebook
Canvas Application
4. Cinemax Cinemas : Bookmyshow Application which sells only tickets for
cinemax cinemas on Facebook Canvas Application
Pages:
1. BookmyshowIN -
2. IndiaEntertainmentCentral.
Canvas Apps:
1. TicketBuddy : Live Bookmyshow application to sells tickets through Facebook
Canvas Application : Url - https://apps.facebook.com/ticketbuddy
2. Cinemax Cinemas : Bookmyshow Application which sells only tickets for
cinemax cinemas on Facebook Canvas Application. URL:
https://apps.facebook.com/cinemax-cinemas/