Hi Guys
I’ve been asked to implement Facebook login on our company website but have a few questions that I hope some of you could have used this mechanism before can help me with.
-
At what point can I take the data from the user’s profile on they have logged in using their Facebook account? I’ve been on a few websites where it seems to create an account on their site automatically without asking for extra permission. I’ve also been on other sites where you have to click Okay and then they simply pre-populate their own sign up form with the data they have retrieved from the user’s FB account. Can someone offer some guidance and the pros/cons.
-
If you allow FB account on your own site are there any risks I should be aware of i.e data security issues, do Facebook track the fact we are using their login plugin? i.e will my company’s name appear anywhere?
Any info will be greatly appreciated.
Many thanks
Including facebooks plugin causes them to track a whole slew of data about your site, additionally you’ll need an SSL cert if you don’t already have one, and any information you want to gather from their profiles they have to manually authorize usually in the form of a ‘x wants to access your foo and bar data, do you accept?’ while logging in, as such it’s generally a bad idea to take anything more than you actually need to authentication purposes. You can’t not ask for permissions when logging in with facebook as the user has to individually authorize access, usually through a redirection process or a popup if it’s a full on app asking for the permissions.
And yes, facebook tracks usage of apps/oauth connections to facebook’s information though why this would matter particularly much I can’t imagine. As far as I’m aware only facebook and the developer signed up on facebook can access usage statistics, you can likely find more information on this in their ToS.
Hi Belsnickle
Thank you very much for your reply - very helpful.
So if I have understood you correctly I can’t store them in my site’s CRM database as soon the user logs in using their Facebook account. Instead I’ll need to let them log in and then pre-populate our sign up form with name, email, gender, country and say something like ‘Almost signed up just complete the form below and sign up…’. Once they have submitted that form they will automatically be placed in our database as if they have signed up as usual using the normal sign up form? Is that correct and do most companies do it this way?
Do you know what data Facebook would take from our site?
thanks again
You can absolutely store certain amounts of data from FQL responses as soon as someone logs in, it’s generally a best practice to take the lowest level required and then allow them to choose the rest but it’s absolutely not necessary. I could not particularly inform you upon what most companies do so much as what the clients I’ve worked with have wanted. A lot of clients get worried about users getting scared when they get the warning alert at certain levels of notice.
Unfortunately my knowledge on that is about covered in simply knowing that they do, not what they specifically do.
Many thanks for the info - much appreciated
Off Course, Facebook login and other Social Media login is very beneficial for your site. Many user are login with your site by this Social media login.
- At what point can I take the data from the user’s profile on they have logged in using their Facebook account? I’ve been on a few websites where it seems to create an account on their site automatically without asking for extra permission. I’ve also been on other sites where you have to click Okay and then they simply pre-populate their own sign up form with the data they have retrieved from the user’s FB account. Can someone offer some guidance and the pros/cons.
You may be retrieve its Facebook user id, email id and password for your site’s basic thing than you told him that complete your profile.
- If you allow FB account on your own site are there any risks I should be aware of i.e data security issues, do Facebook track the fact we are using their login plugin? i.e will my company’s name appear anywhere?
There is risk in any Social Media login.
Using Facebook login is very effective because it will only lead you real and genuine users. Using this feature, you can automatically take the profile information to your website by enabling it. So, there is no need to ask for personal details again. And of course it is the most secure way to save data.