Facebook can be used as a federated authenticator in the Identity Server. Do the following to configure the Identity Server to authenticate users using their Facebook credentials.
This section gives you a quick understanding of configuring Facebook as Identity provider so that it acts as a federated authenticator. Check out the Logging in to your application via Identity Server using Facebook Credentials tutorial to try out an end to end scenario of using Facebook as a federated authenticator.
Before you begin
- Create a Facebook account and register an application on Facebook.
- Sign in to the WSO2 Identity Server Management
https://<Server Host>:9443/carbonusing your
Follow the steps given below to add a new identity provider in WSO2 Identity Server.
Download the WSO2 Identity Server from here and run it.
Log in to the Management Console as administrator.
In the Identity section under the Main tab of the Management Console, click Add under Identity Providers.
Give a suitable name as the Identity Provider Name.
Go to Facebook Configuration under Federated Authenticators.
Enter the following values in the form that appears:
Field Description Sample Value Client Id
This refers to the App ID you received from the Facebook app you created.
Don't know the client ID?
- Go to https://developers.facebook.com/ and log in using your Facebook credentials.
- Click on your app from the My Apps drop-down list.
You are navigated to the Dashboard of the application. Note down the App ID and the App secret.
<Application ID of the Facebook App>
Client Secret This refers to the App Secret you received from the Facebook app you created. <App Secret of the Facebook App> Scope Defines the permission to access particular information from a Facebook profile. See the Permissions Reference for a list of the different permission groups in Facebook APIs. User Information Fields These are the claims related to the user account on Facebook. WSO2 Identity Server requests these fields from Facebook when a user is authenticated with Facebook through the IS. See public_profile permission for more information about these fields. id,name,gender,email,first_name,last_name,age_range,link Callback Url This is the URL to which the browser should be redirected after the authentication is successful. This should be the commonauth endpoint of Identity server. https://localhost:9443/commonauth
Select both checkboxes to Enable Facebook Authenticator and make it the Default.
You have now added the identity provider.
- Identity Federation is part of the process of configuring an identity provider. For more information on how to configure an identity provider, see Configuring an Identity Provider.
- See the following topics for samples of configuring Facebook for federated authentication: