Creating a custom Facebook application
Register an application
For additional assistance, see the Facebook app registration documentation.
- Visit the App Dashboard, log in, and convert your account into a developer account if necessary.
- Select "Add a New App" or "Create App."
- Choose a user-visible name and contact email.
- Submit the form. A valid example app:
Configure your application
- After creation, you should see a list of products to add. If you don't, view your application from the dashboard and scroll down to "Add a product."
- Select "Set Up" for Facebook Login.
- On the left hand navigation, select Facebook Login then choose "Settings" below it.
- Add to "Valid OAuth Redirect URI"
- Save the Facebook Login settings page. Final configuration should match:
- Select Settings on the left hand navigation, then choose advanced.
- Fill out additional settings for your application.
- ngrok does not support Server IP allowlisting.
- Enable "Require App Secret". See documentation for how to call Facebook Graph API with this feature.
- Save settings. A minimally complete security section of advanced settings:
- Visit basic settings on the left hand navigation.
- At the top, save your App ID and App Secret for later.
- Select a category for your application.
- Hit save changes. A minimally complete basic settings:
- Select the toggle for "In development" at the top of the page and confirm switching to live mode.
- Your application should now show as live:
Update your endpoint configuration
- Return to the ngrok dashboard and create or edit an OAuth edge configuration module.
- Choose to use your own application with Facebook as the provider.
- Include the app ID and app secret that were stored earlier.
- Add any scopes required by your application.
- Add the
Additional application setup information
User permission revocation
Facebook allows revocation of any permission as part of the authorization flow. ngrok will enforce that users initially grant all configured permissions. However, at any time after endpoint authorization, users may selectively revoke permissions. If your application requires more than the