I want to whitelist certain users so they can login to our service using FB login by circumventing normal login rules.
I previously asked whitelist users to give me their FB ID before login, then I could add that to a whitelist and check anyone logging into our service again that list. This logic broke with the implementation of app-scoped IDs because I don't know the user's app-scoped ID before they login for the first time. Essentially, I now have no unique identifying info for my whitelist.
Is there a way to get a User's future app-scoped ID from their Facebook ID? Or, to match a a User ID against an app-scoped ID?
I know I can do something like this: https://inkplant.com/code/facebook-app-scoped-user-id, but I need to whitelist the person inside the login request. I don't have time to loop through my entire white-list and check if each whitelist ID has logged in and been given an app-scoped id.
Help? Seems like this is a reasonable use-case that FB overlooked in graph 2.0
I need this in one project too, but i just whitelist users AFTER they login, with their App Scoped ID. You can't match App Scoped IDs with real IDs, so i don't think there is any other way.
The use case is still no problem to implement, you just need to whitelist them later ;)
Btw, i just did a short test in the API Explorer and got the App Scoped ID with a simple call to the real ID with an App Access Token:
...so you could parse the "link", it includes the App Scoped ID in "yyy".