Facebook login message: "URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings."

Important notice:

If you register for testing, go to your profile settings and to your interests add delete profile.

Trying to login with Facebook to my website:

I get the following error:

URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.

My settings (Basics) in Facebook are:

• App Domains: openstrategynetwork.com
• Site URL for website: http://openstrategynetwork.com/

In the advanced tab, Valid OAuth redirect URIs is set to:

http://openstrategynetwork.com/_oauth/facebook?close

App is public.

More settings (Advanced) here:

App key and secret are correct. I'm using Meteor and its accounts packages.

Solution 1:

As the questioner writes

In the advanced tab, Valid OAuth redirect URIs is set to: ...

and I had the same problem (writing the redirect url into the wrong input field) I would like to highlight that

It's NOT

Settings -> Advanced -> Share Redirect Whitelist

but

Facebook Login -> Settings -> Valid OAuth redirect URIs

It would have saved me 2 hours of trial and error.

You should also have it in mind that www.example.com is not the same as example.com. Add both formats to the redirect URL.

Solution 2:

The login with Facebook button on your site is linking to:

https://www.facebook.com/v2.2/dialog/oauth?client_id=1500708243571026&redirect_uri=http://openstrategynetwork.com/_oauth/facebook&display=popup&scope=email&state=eyJsb2dpblN0eWxlIjoicG9wdXAiLCJjcmVkZW50aWFsVG9rZW4iOiIwSXhEU05XamJjU0VaQWdqcmF6SXdOUWRuRFozXzc0X19lbVhGWUJTZGNYIiwiaXNDb3Jkb3ZhIjpmYWxzZX0=

Notice: redirect_uri=http://openstrategynetwork.com/_oauth/facebook

If you instead change the link to:

redirect_uri=http://openstrategynetwork.com/_oauth/facebook?close

It should work. Or, you can change the Facebook link to http://openstrategynetwork.com/_oauth/facebook

You can also add http://localhost/_oauth/facebook to the valid redirect URIs.

Facebook requires that you whitelist redirect URIs, since otherwise people could login with Facebook for your service, and then send their access token to an attacker's server! And you don't want that to happen ;]

Solution 3:

This worked for me.

redierct_url = http://127.0.0.1:8080/accounts/facebook/login/callback/

I got that from my browser after clicking the Facebook button you browser will be redirected to a link for integrating with Facebook API, so where you will get that redirect. For my case the link was this from where I got the redirect_url.

https://www.facebook.com/dialog/oauth?client_id=...&scope=&response_type=code&state=...&redirect_uri=http://127.0.0.1:8080/accounts/facebook/login/callback/

Solution 4:

Make sure "App Domain" and Facebook Login => Valid OAuth redirect URIs. There you must check www or without www. Its better if you use with www or without for all URLs in php,html,css files and Fb app settings.

Other thing is if you're using "/" end of the URLs you must add that URL to app settings of Valid OAuth redirect URIs. Example:- https://www.example.com/index.php/ if this url if youre using in the redirect url you must set that to app settings.

Hope this would be help.

Solution 5:

In my case, I just had to make sure I have my urls both with and without www for Application Domain and Redirect URLs:

In my case, I had to use: signin-facebook after my site url, for redirect url.