Beta
This feature is in beta. Core behavior is stable, but some APIs or configuration may change before general availability.
Sign in with Facebook (Meta) accounts using OAuth 2.0.
1. Create OAuth App
- Go to Meta for Developers.
- Click My Apps > Create App.
- Choose an app type (e.g., Consumer or Business).
- Enter your app name and contact email, then click Create App.
- In the app dashboard, find Facebook Login and click Set Up.
- Choose Web as the platform.
- Go to Facebook Login > Settings in the left sidebar.
- Add your callback URL to Valid OAuth Redirect URIs (see below).
2. Set Redirect URI
Add your EdgeBase callback URL to Valid OAuth Redirect URIs:
https://your-edgebase-url/api/auth/oauth/facebook/callback
HTTPS Required
Facebook requires HTTPS for redirect URIs in production. For local development, http://localhost is allowed.
3. Get Credentials
- Go to Settings > Basic in your app dashboard.
- Copy:
- App ID — This is your Client ID.
- App Secret — Click Show to reveal it.
4. Configure EdgeBase
// edgebase.config.ts
export default defineConfig({
auth: {
allowedOAuthProviders: ['facebook'],
},
});
export default defineConfig({
auth: {
oauth: {
facebook: {
clientId: 'YOUR_APP_ID',
clientSecret: 'YOUR_APP_SECRET',
},
},
},
});
5. Usage
- JavaScript
- Dart/Flutter
- Swift
- Kotlin
- Java
- C#
- C++
client.auth.signInWithOAuth('facebook');
await client.auth.signInWithOAuth('facebook');
let url = client.auth.signInWithOAuth(provider: "facebook")
// Open url in SFSafariViewController or ASWebAuthenticationSession
client.auth.signInWithOAuth("facebook")
client.auth().signInWithOAuth("facebook");
client.Auth.SignInWithOAuth("facebook");
OAuth requires a browser redirect flow. For C++ (Unreal Engine), handle OAuth in a platform webview and pass the token to the SDK.
Provider Details
| Property | Value |
|---|---|
| Scopes | email,public_profile |
| PKCE | No |
| Yes | |
| Email verified | No — Facebook does not provide email verification status |
| Avatar | Yes — from picture.data.url |
| Refresh token | No (returns expires_in instead) |
Notes
- Facebook does not expose whether an email is verified, so EdgeBase sets
emailVerified: false. This means automatic account linking with existing email/password accounts will not occur. Users must manually link accounts if needed. - Your app must be in Live mode (not Development mode) for non-test users to sign in. Go to the app dashboard and toggle the mode at the top.
- In Development mode, only users listed as app admins, developers, or testers can sign in.