Sunday, October 3, 2010

Facebook API Error Code 100: "Next is not owned by the application"


Since we're going to open registration for OpenCF Summit before long and launch what I'm calling our "Engage" application for OpenCF Summit (the name may change), I decided to dig into the Facebook API a bit so we can let people sign in using their Facebook account. We'll also be supporting Twitter and Google sign-ons, but Facebook seemed as good a place as any to start since I saw The Social Network last night (which was completely amazing by the way).

Since the vast majority of my apps at work are behind a firewall this is my first foray into integrating any of the social networks' logins into my own applications. Facebook makes it dead simple to get going, but once I registered my application and tried the login button, I was getting the following error:

API Error Code: 100
API Error Description: Invalid parameter
Error Message: next is not owned by the application.


I did some searching and came up with a bunch of potential solutions that didn't seem to be relevant any longer since the settings they suggested changing don't exist anymore. After a bit of poking around on my application settings on Facebook I noticed my site domain on the Web Site settings tab was blank. I put opencfsummit.org in there (since I'll want the login to apply to all subdomains on that domain), and that resolved the problem for me (see screenshot).

The other thing I was testing with this was to make sure everything worked from Google App Engine, since we may incorporate the Engage app with the main web site, which runs on Open BlueDragon for Google App Engine. I was pleased to see everything worked perfectly, at least so far.

I'm sure some of the other solutions I found will work in other situations, but since none of them seemed to apply for me and this was a fresh application with Facebook's own sample code, I thought someone else might run into this same issue and figured I'd share.

15 comments:

Anonymous said...

hey matt,ive same problem, but your solution dont help..if you have time and fun mail me for ideas :)

Anonymous said...

Hi, I too have the same problem but the solution you provided didnot work on me...Anyway, its good that it worked on your app...

Matthew Woodward said...

When I was hunting around for solutions I saw some other possible fixes, but many of them unfortunately were pretty old and talked about settings that no longer even appear in the app settings page on Facebook. Lots of people talked about setting a post-authorize redirect URL on the Canvas page, but I don't even see that option for my app.If you google that error message you'll get quite a few different solutions--the bad news is it might take a while to wade through them to find the one that works for you.I'll post again here if I run into any others that might be worth trying. Sorry this didn't work fro you!

Shunmuga Sureshp said...

It's work fine

Christine Lei said...

Thank you so much. I added the domain and it worked for detect login and out.

Christine Lei said...

do you need to keep your site the same authenticate status as with fb? Or you could just use fb's authentication as a verification of a valid user(or email) and then use your own authentication to your website?

Matthew Woodward said...

@Christine -- I've been debating that myself. What I think I'm going to wind up doing is relying largely on Facebook both for authentication and basic user data, and then store only the bare minimum data in my application's database.So for example my application will allow for "local" (meaning local to the application only) accounts to be created, so those accounts will have a username and password as a login. If someone is using their Facebook account to log in, then that record in the database will not have a username and password since I'm using Facebook for authentication.My local database will likely have fields for the oauth provider (facebook) and the oauth id just so I have a record, and then I might grab some additional info like first/last name to store locally just in case I need it. But the more I've thought about it, the more I don't think I even need that since I can get that from the user's Facebook information once they log in. You've probably messed around with getting the user's profile from their cookie once they log in, and for my purposes at least that'll be everything I need.I'll be sure and blog about the solution I came up with once that piece of the application is built out.

CatchtheMoment Dotpl said...

Hello there, it worked !! I have spent so many hourz on it grrrrrrrrrr !:PHad the same problem as U Matt. Check out my parties and pics and give me some feedback how can I use the application further to make more attractive community my profile username is catchthemomentThx c Ya and good luck.btw. for those who still struggle make sure to place files from fb libraries and check the paths, I have just connected wordpress based blog/website with fb, and all the available plugins didn't work as well as the tools given by the platform. So my advise check the api settings carefuly.

Christine Lei said...

Hi Matt,My system have users start with local login. The unique identifier is their email. Now the fb login is added in. All the system need besides public info from fb user is an email. Users start with local login can start to use their fb login anytime and see the same data as long as their fb accounts use the same email. Users start with fb login can create a password later to use local login with the same email as fb.System will detect their login path and authenticate them accordingly.

Matthew Woodward said...

Excellent Christine! Thanks for the additional information. I'm going to be implementing this in my application this week so I really appreciate the details on how you're handling it.

cegme said...

Thanks a lot for this!!

Valentino Pistis said...

Hi,I am preparing a web application for facebook, as a project for a university examination. I had the same problem and I think I have solved with your advice ... I entered the correct url nelmodo. I still noticed that the error is related to the fact that I was doing some tests on my computer, then the url for this 127.0.0.1e facebook got crazy :-)Do you have any advice for me to use the facebook login as you did in your blog? Should I use it for my project ...Thank you so much!!

Matthew Woodward said...

Hi Valentino--I run my blog on Posterous (http://posterous.com) so I didn't write the blog code, but I am using Facebook (and twitter) logins for another application I wrote.It's definitely convenient to let people use Twitter and Facebook to log into sites, though you have to be aware of what permissions you're requesting. I had some people push back about things like offline access, post on my behalf, etc. so I just make sure to always let them confirm what will or won't be posted to their accounts and never post to their wall or tweet without them being able to say no.

Valentino Pistis said...

Ciao Matthew--thanx for your response... i think like you the facebook login it's more convenient! I making some method in Java from Facebook SDK Javascript for manage the user login, but i find some problem, have you some advice to give me?I use the GWT framework, it's a school test...Thanx so much...in advance

Matthew Woodward said...

I've only used the Facebook JavaScript stuff, and for Twitter I've been using twitter4j, so I'm not sure I'd be able to help much beyond that.