As above, you request scope as part of your login (which is not part of the bubble flow you would need your own).
You then get redirected back to your app’s callback page. In the URL will be a hash parameter. (so a paramter that doesn’t have a ? but has a # instead) - that will contain the auth token from the User. You take that, and your own credentials, and request an API token from Facebook. You then use that token to call the APIs you need.
So essentially quite simple, but you can’t do it in native Bubble because …
- Bubble can’t see the hash parameters in the “Get ? parameter from page URL”.
- Even if you could if may well be encoded and we have no way of decoding
Assuming you can get round this (the former is possible with a webtask, and I think the second too) …
- You don’t want to expose your Facebook credentials on the client side for everyone to see
- There are considerations for where to store the tokens … I think I am right in saying that FB tokens don’t expire
You can do 3) in a Webtask as well, which will hide the creds. But that still leaves 4).
So if you can find someone with the coding skills to write these little microservices … it would be possible. But potentially not advisable.