I have been tasked to add to the client's web app the facility to update a user's Facebook wall, and email their Facebook friends, and anything else of that ilk which Facebook allows.
(This is all intended to be above board, and nothing will be done without the user's consent.)
Obviously this will be possible only if the user logs into Facebook, and for that purpose I was anticipating the client's app doing a redirect to a Facebook client app, also written by me and which the user could have previously installed for this purpose, and then this app (which would be in effect a login "stub") would simply redirect back to the client's app.
However, it seems that any 3rd Party Facebook app must be run within an IFrame on a Facebook page, and I doubt if the client will be happy with that!
So in summary, does anyone have experience of third-party web apps running outside Facebook, but able to interact with it server-side via the Facebook API. How does one get those login credentials without ending up stuck in Facebook?
Also, even if it is technically possible to break out of an IFrame, and keep the Facebook session data intact, might this be against their T & Cs ?
edit: I gather, and understand why, it is definitely a no-no for a 3rd-party app to prompt for Facebook login credentials, and there is no Login API either (for the same obvious reason - that only Facebook should ever "see" Facebook account passwords). So one must definitely dip into it at some point to login. But my problem is that I don't then want to be trapped there afterwards!
(This is all intended to be above board, and nothing will be done without the user's consent.)
Obviously this will be possible only if the user logs into Facebook, and for that purpose I was anticipating the client's app doing a redirect to a Facebook client app, also written by me and which the user could have previously installed for this purpose, and then this app (which would be in effect a login "stub") would simply redirect back to the client's app.
However, it seems that any 3rd Party Facebook app must be run within an IFrame on a Facebook page, and I doubt if the client will be happy with that!
So in summary, does anyone have experience of third-party web apps running outside Facebook, but able to interact with it server-side via the Facebook API. How does one get those login credentials without ending up stuck in Facebook?
Also, even if it is technically possible to break out of an IFrame, and keep the Facebook session data intact, might this be against their T & Cs ?
edit: I gather, and understand why, it is definitely a no-no for a 3rd-party app to prompt for Facebook login credentials, and there is no Login API either (for the same obvious reason - that only Facebook should ever "see" Facebook account passwords). So one must definitely dip into it at some point to login. But my problem is that I don't then want to be trapped there afterwards!
Comment