Facebook Login :Can't Load URL The domain of this URL isn't included in the app's domains

Question

I know many such questions have already been asked tried a lot then after posting the question. My Problem is still unresolved.

I have a web application where I embedded the Facebook login using Oauth Authentication. I used the following code for help Facebook login with Java

Till last month it was working fine but from few days we are coninuously getting the Error : -

Can't Load URL The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

**Setting used are following:-
  Website url : **https://www.enggheads.com/**
  App Domain   :  **enggheads.com**
   Redirect uri : 
      1. https://www.enggheads.com/#!login
      2. https://www.enggheads.com/#!signup**

SCREENSHOTS:

So, I just want to know whats the issue why I am facing this problem. Is there something which I am missing in the settings section?

UPDATE

Code flows :

Step1. On button click url called--->

"http://www.facebook.com/dialog/oauth?" + "client_id="
                    + FB_APP_ID + "&redirect_uri="
                    + URLEncoder.encode(REDIRECT_URI, "UTF-8")
                    + "&scope=public_profile ";

I am receiving error on this very part where it gives error Can't Load URL The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

Answer 1

I want to share 2 ways for making solution. Hope it will solve your issue.

Solution 1:

Facebook now roles some features as plugins. In the left hand side select Products and add product. Then select Facbook Login. Pretty straight forward from there, you'll see all the Oauth options show up.

OR,

Select Products and add product. Then select Facbook Login.

Then added http://localhost:3000/ to the field 'Valid OAuth redirect URIs', and then everything worked.

Solution-2:

It usually happens if you have entered the wrong details when you created the App in Facebook. Or have you changed a URL's of an existing App?

Can you please recheck the settings of your APP in this page?

https://developers.facebook.com/apps

1. Select the correct App and click in the edit button;
2. Check the URLs & paths are correctly entered and are pointing to the site where you have installed Ultimate Facebook plugin.

Credit goes to Lei lionel

UPDATE1:

I think your access token already expires. So you need to extend access token. For this, please go through this link:

1. Extend Facebook access token (make it 60days last)
2. Expiration and Extension of Access Tokens

Resource Link:

1. Generate "never-expire" access token for Facebook Page
2. Do Facebook Oauth 2.0 Access Tokens Expire?

UPDATE2:

I just want to ask 1 thing more is it possible the app domain error has smthng to do with access token expiration time?

Ans:

Generating Long-Lived User Tokens from Server-Side Long-Lived Tokens

Facebook has an advanced option for obtaining long-lived access tokens for apps that:

1. Have their own authentication system (using a username/password for example)
2. Store, on their servers, a Facebook access token for people using it that they send to different clients (browser or native mobile apps)
3. Make API calls from all of those clients

If your app is set up like this it should use the process described here to obtain an access token from each client to avoid triggering Facebook's automated spam systems. The end result will be that each client will have its own long-lived access token.

At a high level, this is how you can obtain a long-lived token from the client:

1. Make a call to Facebook's server from your server using a valid and current long-lived token to generate a code. (This assumes you've already obtained a long-lived token via Facebook Login. If the token you're using is invalid or expired, you'll have to obtain a new one by making the person using your app log in again.)
2. Securely send that code to the client.
3. The client then exchanges the code for a long-lived token.
4. The client can use the long-lived token to post stories or query data.

Getting the code

Using a long-lived user access token, make a call to the following endpoint:

https://graph.facebook.com/oauth/client_code?access_token=...&client_secret=...&redirect_uri=...&client_id=...

You need to give input: access_token, client_secret, redirect_uri and client_id.

Response will be:

The response will look something like:

{"code": "...."}

Redeeming the code for an access token

Once you've retrieved the code from Facebook's server you then need to ship it to the client via a secure channel. Once that's done, you need to make a request from the client to this endpoint:

https://graph.facebook.com/oauth/access_token?code=...&client_id=...&redirect_uri=...&machine_id= ...

The call requires the following arguments:

client_id - Yes

code - Yes

redirect_uri - Yes

machine_id - No

The response will look like:

{"access_token":"...", "expires_in":..., "machine_id":"..."}

Answer 2

I had such trouble because in the oauth redirection URL I only put : - http://example.com/#/redirect-url whereas I also had to put : - http://example.com

Even if I only want to redirect to /#/redirect-url. Maybe the ajax sites cause troubles.

Answer 3

My issue was in that I not specified redirect_uri which is required if user not logged-in with Facebook.

Answer 4

Set No : Use Strict Mode for Redirect URIs

Also keep Valid OAuth redirect URIs : same as your main url

Answer 5

If you have dynamic query parameters in your redirect uri then those should go in the state parameter in the authorization request.

For details check my answer to a similar post.