Can I de-authorize a Facebook app and log the user out at the same time?

Question

I want to log the user out of my app and remove their permissions

I'm currently using the JS-SDK and have no Server Side Logic.

I know I can log a user out with FB.logout()

I can also revoke their permissions using FB.api('/me/permissions', 'DELETE') to "de-authorize" the app

The problem is, I cannot seem to do both. Each seems to prevents the other from working.

EXAMPLES:

• Calling FB.api('/me/permissions', 'DELETE', function(){FB.logout()});

  results in the following error:

  "Refused to display document because display forbidden by X-Frame-Options."

• Calling: FB.logout(function(){FB.api('/me/permissions', 'DELETE');})

  results in the user being logged out, but the permissions remain.

Answer 1

Answering my own question:

After doing a fair amount of research and experimentation, I've concluded that there is no reliable way to do this.

I was able to determine that the following code works - though I wouldn't recommend its use in a production app.

FB.logout();
FB.api('/me/permissions', 'DELETE');

Apparently calling them one after another works (vs. doing it with callbacks). Once either of them finishes it prevents the other from starting, but if I make the asynchronous calls in quick succession it seems to let both succeed.