Should I key off of Facebook UID's or third party ID's in a web app with Facebook membership?
https://stackoverflow.com/questions/4632275
-
08-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm just hoping to clarify the whole facebook UID issue, here.
It talks about using third party id's (generated by facebook, per app/user) instead of facebook uid's. But it's not entirely clear to me. It sounds like they're referring to scenarios where my web app would need to send id's to a third party...
Keying off of the facebook UID is easy (using Facebook C# SDK, fbApp.SessionUserId). But, if it's going to break their terms... how do we start using the third party id instead?
Solution
You are correct that the third-party-id is only for sharing or anything that is publicaly accessible. Personally, I would store both. Use the facebookid as your user's key, but keep the third party Id for thinks like link tracking, etc. The Facebook Id is going to be the most efficient because, as you pointed out, that is the id you get with the cookie or signed request. Just make sure you never put the FacebookId anywhere that others could see it.
