Hi all I’m trying to set up the log in with facebook and so far I have the api key and the app secret from Facebook and so when I follow the “log in with facebook tutorial” and complete it on my own project, once I click the log in with facebook button, I get this error:
“Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App’s settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App’s domains.”
My Site URL and App Domain both match each other.
However when I do the lesson/tutorial provide by bubble, it works…
Has anyone else had this issue before and know how to resolve it?
Also on another note, Is there a way to invite friends using the current user’s facebook database, ex: I want to be able to invite my friends that facebook knows i’m friends with.
so i’ve done all of the steps youve mentioned. The only confusing part I might have is for #1, making sure the app is enabled in production. I dont know what you mean by that.
And of course I am using the my own app id and secret. Thanks for looking out though.
Still doesn’t work. My facebook page for the website reads like the one you posted. It reads YES. When i click the button to log on my website with fb, I am directed to a fb page and then this message still pops up.
“Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App’s settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App’s domains.”
I experienced this issue this summer…here is what I remember…
first, make sure your OAuth URL’s are listed correctly. OAuth URL’s are the pages(within your app) that have the FB login button. This may be your index page, about page, etc. To find the OAuth settings on your FB developer account: click on settings, go to the advanced tab, scroll down to Client OAuth settings. There, list every URL that has the FB login button.
second, test every setting within the advanced settings tab: OAuth Login settings. Test test test and test again until it works. Also, don’t panic. I remember this being very frustrating for me but it will eventually work.
okay guys so it works now. Listing the url’s in the “Valid OAuth redirect URIs” worked it seems. Here are my settings that I have for it to work.
Native or desktop app?
yes
Is App Secret embedded in the client?
no
Deauthorize Callback URL
—empty—
Under App Restrictions -----------------
Contains Alcohol
no
Social Discovery
no
Age Restriction
13+
Country Restricted
no
-----------------Under Security --------
Server IP Whitelist
—empty—
Update Settings IP Whitelist
—empty----
Update Notification Email
—empty—
Client Token
----a lot of numbers that i think may be private? —
Require App Secret
no
Allow API Access to App Settings
yes
Require 2-Factor Reauthorization
no
Under Client OAuth Settings -----------------------
Client OAuth Login
yes
Web OAuth Login
yes
Embedded Browser OAuth Login
yes
Force Web OAuth Reauthentication
no
Valid OAuth redirect URIs
—my urls—
Login from Devices
no
Under Analytics for Apps-------------------------------
Collect the Apple Advertising Identifier (IDFA) with App Events
no
Allow All Analytics Users to See Sensitive Info
no
Thanks for the help guys! Also seems that you need have to have the URL from the bubble platform as well if you want to test it
Thank you for sharing cflux!
I’d strongly recommend setting “Allow API Access to App Settings” to no - your app should work without it and this provides an extra layer of security.
Had you set up the App Domains and Site URL option under “Basic”? For the tutorial, we need those, but you are better off setting the redirect URIs.
Np George, I made the change to the setting “allow api access to app settings” so that it says “no” now and everything still works.
I both of those set up. I only have one entry for the site URL since that’s all it will allow me. Should I have the same entry’s from Valid OAuth redirect URIs in the advanced settings tab also under the app domains in the basic setting?
I thought domain was only for the root URL for the entire website?
For extra security I’d also enable “Require 2-factor Reauthorization”
if you think you need it, enable it by adding web support and adding your app domain. Unfortunately Facebook’s documentation is sparse on that setting.
Nathan, thank you so much for posting this! I was trying to figure out exactly how to get this done, or where to find the information. In fact, it may even help with another problem I have been facing.
@oliver.james603 make sure your client id and secret matches the ones in your bubble pluggin. i made a mistake of using client token as my secret then. your secret is on the dashboard. click show and copy it into bubble.
make your app public from the review section
valid redirect url should be same thing with site url
hope this helps
