auth

The OAuth Dialog is used within the authentication flows to enabled a user to authorize your application and to grant additional permissions to your app. The Authentication is based on the OAuth 2.0 protocol. client_id (required): Your App ID. This is called client_id instead of app_id for this particular method in order to be compliant with the OAuth 2.0 specification. redirect_uri (required): The URL to redirect to after the user clicks a button in the dialog. The URL you specify must be a URL of with the same Base Domain as specified in your apps settings, a Canvas URL of the form https:apps.facebook.comYOUR_APP_NAMESPACE or a Page Tab URL of the form https:www.facebook.comPAGE_USERNAMEapp_YOUR_APP_ID scope (optional): A comma separated list of permission names which you would like the user to grant your application. Only the permissions which the user has not already granted your application will be shown state (optional): An opaque string used to maintain application state between the request and callback. When Facebook redirects the user back to your redirect_uri, this value will be included unchanged in the response. You should use this to protect against Cross-Site Request Forgery. response_type (optional): The requested response type, one of code or token. Defaults to code. If left unset, or set to code the Dialogs response will include an OAuth code which can be exchanged for an access token as per the server-side authentication flow. If set to token, the Dialogs response will include an oauth user access token in the fragment of the URL the user is redirected to - as per the client-side authentication flow. display (optional): The display mode with which to render the Dialog. One of page, popup or touch. Defaults to page. In page mode, the OAuth dialog is displayed in the full Facebook chrome.

https:www.facebook.comdialogoauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_REDIRECT_URL&state=YOUR_STATE_VALUE&scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES