I have been using facebook login for my Django App. Recently facebook had updated its security feature, by enabling Strict Mode for all apps. After this change users are not able to login into site as it says below error
Can't load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and sub-domains of your app to the App Domains field in your app setting
But the domain name in App domain setting is fine. I think i am doing mistake in redirct_uri setting. I read lot of discussion on Facebook Developers group , but couldn't found the solution. Can anyone please help me out
Finally figured this out! On the page where your error comes up (screenshot below) you will notice a url parameter called "redirect_uri" You need to copy this text, then decode it using a site like this: url-encode-decode.com. Finally you will need to use that exact text as your "Valid oauth redirect URIs" field.
Important: At first, when I did this, I noticed that the redirect_uri
parameter contained a parameter called redirect_state
, which changed each time you log in.
This makes it impossible to list ALL the Redirect URIs in Facebook Login Configuration. If you see a redirect_state
parameter, you will need to update your social-auth-core
Python package to a version > 1.6 (I got this information from here)
Once you do that, you will have a Redirect URI without parameters on the Facebook error page, which will work for you.
The following are working for me AFTER updating to social-auth-core
version 1.7: