purpose of redirect URI in facebook

Question

I noticed that we supply a URL while creating our app in facebook, so suppose this is URL 1 . Then within our code we supply another redirect_uri,

 $params = array(
    'scope' => $config['facebook_scope']
    'redirect_uri' => $config['root'].'php/class/fbLogin.php'
);

$link = $facebook->getLoginUrl($params);
echo $link;
    header('location: '.$link);

whats the purpose of site URL if we already provide a redirect Uri in our app

2- There is also something called callback URL in the creation of app.

I was just curious to know how thee 3 URls are different from each other

I read about redirect_uri from here

Answer 1

In the oAuth process the redirect uri is where your user will be sent back to once they have authorised (or not) your application. The redirect page will often receive some extra information about authorisation, an auth code, token etc.

The redirect uri has to match the one provided when registering the application for security reasons. This way, even if the applications secret was compromised, an attacked would still have to also take over the redirect page in order to attack user accounts. Attempts to authenticate users with a non-matching redirect uri will result in an error.