Reputation: 519
Information authenticity on server-side with Facebook API
I'm currently having some experimenting with Facebook API before I'll start developing with it. And i came across an issue..
When there's an API request, it is done between the client side and facebook. And in case the information should be saved on the server, the client side - to my knowledge - is supposed to send the information to the server. But how does the server can know that the information indeed was received from facebook, and that it's not the client side that is trying to fabricate the information? Is there any way that the facebook API will send the information directly to the server, or send it with some signature?
Upvotes: 0
Views: 26
Answers (1)
Reputation: 887867
Correct; you cannot trust any information from the client.
Fortunately, you can use the Facebook API on any platform or language you want.
Upvotes: 1
Related Questions
- How to properly generate Facebook Graph API App Secret Proof in Javascript
- How can Facebook verify Facebook Connect requests?
- Authentication : Facebook user access token validation on server side?
- Implementing Facebook's Graph API without user authentication
- Validating Facebook login on the server
- Facebook app: server-side access token verification
- Check if user facebook ID and session from mobile client are real?
- How to verify user login when using Facebook Javascript SDK
- Verifying Facebook users server-side
- How to verify a users facebook id when making ajax posts to php in facebook app