Trouble Logging in w/ Facebook

Hi all I’m trying to set up the log in with facebook and so far I have the api key and the app secret from Facebook and so when I follow the “log in with facebook tutorial” and complete it on my own project, once I click the log in with facebook button, I get this error:

“Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App’s settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App’s domains.”

My Site URL and App Domain both match each other.

However when I do the lesson/tutorial provide by bubble, it works…

Has anyone else had this issue before and know how to resolve it?

Also on another note, Is there a way to invite friends using the current user’s facebook database, ex: I want to be able to invite my friends that facebook knows i’m friends with.


This is a setting in your Facebook app.
0. Go to Select your app.

  1. Make sure the app is enabled in production. Even if it works for you, it won’t work for your users until you do this.
  2. Go to ‘Basic’ settings for your app
  3. Select ‘Add Platform’
  4. Select ‘Website’
  5. Put your website URL under ‘Site URL’. This is the URL up to the page
  6. Then enter your domain in the App Domains area.

This is what my setup looks like for the demo app.

Please make sure to use your own app id and secret and not the ones from the demo!

Post back here if you have more questions!


so i’ve done all of the steps youve mentioned. The only confusing part I might have is for #1, making sure the app is enabled in production. I dont know what you mean by that.

And of course I am using the my own app id and secret. Thanks for looking out though.


If you go to, select your app under My Apps and then choose Status & Review from the left-hand menu for that app, you’ll see a switch that looks like this:

Once you turn it on, everything should run smoothly. Let me know if you have other questions!

Still doesn’t work. My facebook page for the website reads like the one you posted. It reads YES. When i click the button to log on my website with fb, I am directed to a fb page and then this message still pops up.

“Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App’s settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App’s domains.”


1 Like

I experienced this issue this summer…here is what I remember…

first, make sure your OAuth URL’s are listed correctly. OAuth URL’s are the pages(within your app) that have the FB login button. This may be your index page, about page, etc. To find the OAuth settings on your FB developer account: click on settings, go to the advanced tab, scroll down to Client OAuth settings. There, list every URL that has the FB login button.

second, test every setting within the advanced settings tab: OAuth Login settings. Test test test and test again until it works. Also, don’t panic. I remember this being very frustrating for me but it will eventually work.



Thanks Toby, I’ll give it a shot and let you know how it goes

Hopefully it works!

Thank you Toby.
cflux, can you please confirm you have the Client OAuth option also enabled?

Hi George,

Yes, the Client OAuth option is enabled.

I’m trying Toby’s method of trial and error. Ill let you guys know what happens with it.

okay guys so it works now. Listing the url’s in the “Valid OAuth redirect URIs” worked it seems. Here are my settings that I have for it to work.

Native or desktop app?
Is App Secret embedded in the client?
Deauthorize Callback URL

Under App Restrictions -----------------
Contains Alcohol
Social Discovery
Age Restriction
Country Restricted

-----------------Under Security --------
Server IP Whitelist
Update Settings IP Whitelist
Update Notification Email
Client Token
----a lot of numbers that i think may be private? —
Require App Secret
Allow API Access to App Settings
Require 2-Factor Reauthorization

Under Client OAuth Settings -----------------------
Client OAuth Login
Web OAuth Login
Embedded Browser OAuth Login
Force Web OAuth Reauthentication
Valid OAuth redirect URIs
—my urls—
Login from Devices

Under Analytics for Apps-------------------------------
Collect the Apple Advertising Identifier (IDFA) with App Events
Allow All Analytics Users to See Sensitive Info

Thanks for the help guys! Also seems that you need have to have the URL from the bubble platform as well if you want to test it

On to the next thing!


Thank you for sharing cflux!
I’d strongly recommend setting “Allow API Access to App Settings” to no - your app should work without it and this provides an extra layer of security.

Had you set up the App Domains and Site URL option under “Basic”? For the tutorial, we need those, but you are better off setting the redirect URIs.

1 Like

Np George, I made the change to the setting “allow api access to app settings” so that it says “no” now and everything still works.

I both of those set up. I only have one entry for the site URL since that’s all it will allow me. Should I have the same entry’s from Valid OAuth redirect URIs in the advanced settings tab also under the app domains in the basic setting?

I thought domain was only for the root URL for the entire website?

For extra security I’d also enable “Require 2-factor Reauthorization”

if you think you need it, enable it by adding web support and adding your app domain. Unfortunately Facebook’s documentation is sparse on that setting.

1 Like

Good looking out George. Thanks.

Logging in with facebook now seems to be working decently well. i’ll let you know if something else pops up.

1 Like

For all those people who just want to test their apps and are having problems with FB Auth, make sure this is in your Valid OAuth redirect URIs:

Also in this place too:


Important thing to consider:

ALWAYS copy the App Secret while revealed.

Nathan, thank you so much for posting this! I was trying to figure out exactly how to get this done, or where to find the information. In fact, it may even help with another problem I have been facing.

SO helpful!

1 Like

Hi all

I’ve read this thread, still having some trouble. My settings are:



And I get the error:

Any ideas?

@oliver.james603 make sure your client id and secret matches the ones in your bubble pluggin. i made a mistake of using client token as my secret then. your secret is on the dashboard. click show and copy it into bubble.
make your app public from the review section
valid redirect url should be same thing with site url
hope this helps

For Shopify Users:

Please add this below link with in your href.

href=“{{ share_url }}”.

Using this you will get defiantly share product within your store of shopify.