Given URL is not allowed by the Application configuration Facebook application error

Question

Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.

I have researched the most popular questions on SO already (Question 1, Question 2, Question 3, Question 4, and Question 5)... None of them help with my situation.

I have the application settings laid out like this...

App Domains: azeverything.com
Sandbox Mode: Disabled
Website with Facebook Login
Site URL: http://azeverything.com

****App Domains*** requires that no protocol be identified and Site URL requires that a protocol be identified.*

I have tried using www.azeverything.com and that didn't work either. Everything seems to match up. By the way, this is a WP site. I'm not developing locally either. It's all live.

Yes. I just verified. Everything's lined up. I even tried a completely different plugin. Still the same error, which tells me it's Facebook. — Millhorn, Sep 30 '13 at 18:03
Your login button “powered by LoginRadius” opens a URL of the format `https://azeverything.hub.loginradius.com/requesthandlor.aspx?apikey=…`, and that redirects to the login dialog with a `redirect_uri` value of `https://azeverything.hub.loginradius.com:443/socialauth/validate.sauth` – and that _is not_ your app domain at all. So go ask “LoginRadius” how that is supposed to work. — CBroe, Oct 29 '13 at 13:40
you might want to clarify whether you are embedding a like button or allowing users to login using facebook. Which of the two top voted answers below applies depends on that. — Ed Sykes, Jul 01 '15 at 11:01

score 83 · Accepted Answer · edited Apr 14 '16 at 19:20

83

Try to check at Settings > Advanced. At Valid OAuth redirect URIs, make sure you have a correct domain.

Hope it works.

edited Apr 14 '16 at 19:20

hd1

33,938
5
80
91

answered Jan 20 '14 at 15:03

Phat H. VU

2,350
1
21
30

19

Could someone elaborate on this answer? It has a lot of upvotes, but I think there might be some language barrier. I don't know what 'make sure you have a correct domain of let it empty' means. What should that value be? – thumbtackthief May 18 '14 at 20:12
2

It means you have to double check that this option contains the exact domain of your application. If you leave it empty all domains will be accepted – coorasse Jul 22 '14 at 09:25
1

@thumbtackthief If it's empty, your app will accept authorization requests from any site. If you clear that field and it works, then you know you have the wrong value there. – Michael Blackburn Feb 07 '15 at 21:13
this works if you are using facebook as an oauth login provider – Ed Sykes Jul 01 '15 at 11:01
1

Cannot leave it empty - fb throws an error message - cannot save settings – Armand P Nov 09 '15 at 15:35

Hitesh · Answer 2 · 2016-11-09T11:46:30.617

25

You need to add the URL to your app:

Go to the app, you want for user login, on the Facebook Developers page
Click on the settings tab
Click add platform
Select Website
After selection it will ask for some details such as URL for your website which uses login with facebook feature, fill the form and submit it

That's all and you are done. Make sure that the app's URL is the same from where you're logging in.

edited Nov 09 '16 at 11:46

answered Jan 31 '14 at 10:09

Hitesh

379
4
11

1

is it possible to add more urls? – Michal - wereda-net Feb 03 '14 at 15:38
1

No it is not possible to add more urls? You have to create another new app for another website. – Hitesh Feb 14 '14 at 07:35
1

I didn't know it had to be the same login place i.e. `www.mysite.com/account/login` that fixed it for me! thanks – J86 Apr 14 '15 at 22:34
this works if you are embedding a facebook like or comments – Ed Sykes Jul 01 '15 at 11:02
I already add platform, and still see this error. What else should I look into ? – code-8 Mar 31 '16 at 12:16
Have you followed all the steps correctly? I mean, have you given the correct URI while configuring, @ihue? – Hitesh Apr 02 '16 at 13:43

gakuru · Answer 3 · 2014-05-26T11:21:30.557

Under Basic settings:

Add the platform - Mine was web.
Supply the site URL - mind the http or https.
You can also supply the mobile site URL if you have any - remember to mind the http or https here as well.
Save the changes.

Then hit the advanced tab and scroll down to locate Valid OAuth redirect URIs its right below Client Token.

Supply the redirection URL - The URL to redirect to after the login.
Save the changes.

Then get back to your website or web page and refresh.

score 5 · Answer 4 · answered Feb 07 '15 at 21:22

5

This is a basic breakdown for slow people like me, and I didn't see this mentioned before.

The "redirect uri" isn't the place where you're redirecting to, but where it's coming from.

Say you have your app at http://myFBapp.com listening to /auth/facebook, and after they log in, redirecting them to /UserLoginHooray. The "Valid OAuth redirect URIs" should read http://myFBapp.com/auth/facebook, not http://myFBapp/UserLoginHooray.

Explanation: HTTP Requests that have been redirected (302) include the original address in the header, so Facebook is merely putting a very basic layer of security on the request.

answered Feb 07 '15 at 21:22

Michael Blackburn

3,161
1
25
18

+1 for explanation. I have several clients using my PHP application, but only one of them was getting this error and it only happened after he got a new mac. When I put in the full URI (e.g. ihttp://app.my-page.com/full/uri/value) in "Valid OAuth redirect URIs", it suddenly worked. Ty! – ray Feb 10 '15 at 02:48
1

Fantastic! After an hour or two of hunting around and trying things, THIS, THIS and the wonderful explanation solved my problem. I now have another but that's java code related. You, sir, are awesome. – null Nov 07 '15 at 20:35

score 4 · Answer 5 · answered Apr 21 '14 at 23:38

I chased my tail on this issue for hours. My coder and I could login with FB without a problem but my wife couldn't. She would get this topic's subject message. I tried every setting and URL that I could think of for my Lavarel app.

My issue was that my wife was signing in from:

http://www and we were using http://

A short trip to CPanel and a redirect fixed that. Hope this helps someone!

For Lavarel these FB app settings worked for me:

Settings/Basic - App Domain: mydomain.com ,  Site URL: http://mydomain.com/login.

Settings/Advanced - Client OAuth Login: Yes. 

Settings/Advanced - OAuth redirect URIs: http://mydomain.com , http://mydomain.com/login.

App Details/App Center listed platforms = No.  I'm only using the login for now.

score 3 · Answer 6 · answered Nov 01 '13 at 13:32

I have a website with facebook login.
It has been stable and working for months. No code change has happened for weeks. Then, suddenly, the facebook login gives an error message:

Error
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.

After debugging "for awhile", I reset my facebook app secret and it started to work again!

score 2 · Answer 7 · answered Feb 10 '15 at 17:59

Michael Blackburn's answer helped me resolve my issue, but I want to give more detail on my fix.

I have a php app that posts to a user's FB page.

I own two domains:

http://app.my-web-app.com
http://app.mywebapp.com (no hyphen)

I built my site off the first domain because it read better IMHO (at least it did at the time).

Some users typoed the url so I bought the second one with no dashes for that reason.

So, one of my users was having the "Given URL" error.

Turns out he was going to http://app.mywebapp.com and the rest of them were going to http://app.my-web-app.com

I fixed everyone by adding all possible redirect URIs: enter image description here

Granted, there are 100 better ways to implement this, but here is the workaround for now.

score 2 · Answer 8 · answered Oct 15 '15 at 20:09

1.Make Sure Website Url and platform added, if not then visit https://developers.facebook.com/quickstarts/ then Select Platform -> Setup SDK -> Website Url And so on..

Note: website url can't be like this : https://www.example.com just remove www and make it simple and working ;)

2.Goto App Dashboard -> Setting -> Click on Advanced Tab then go to bottom of the page and enable Embedded Browser OAuth Login and leave Valid OAuth redirect URIs blank and Save it

Master Ace · Answer 9 · 2018-04-05T02:54:55.520

I found Valid OAuth Redirect URIs under PRODUCTS then Facebook Login > Settings not as everyone is stating above. I am supposing this is a version issue.

It still didn't work for me. I guess I really have to add Android Platform rather than just the Website. This is annoying because my app is still in development mode :(

UPDATE: I'm using Expo to develop my react-native app and used info provided here: https://developers.facebook.com/apps/131491964294190/settings/basic/ to set up the Android and iOS platforms. This resolved the issue for me.

Md. Yusuf · Answer 10 · 2014-02-23T08:38:07.983

1

Sometimes this error occurs for old javascript sdk. If you save locally javascript file. Update it. I prefer to load it form the facebook server all the time.

edited Feb 23 '14 at 08:38

answered Feb 18 '14 at 06:50

Md. Yusuf

502
2
6
20

score 1 · Answer 11 · answered May 02 '14 at 05:43

1

Go to facebook developer dashboard Select settings -> select WEB(for website) -> Add platform Add your site URL.

This should resolve your issue.

answered May 02 '14 at 05:43

user3059993

324
1
4
9

score 1 · Answer 12 · answered May 14 '14 at 22:38

1

So... facebook distinguishes pretty harshly between http and https in your app. This is just another small thing to check if you run into trouble.

answered May 14 '14 at 22:38

Joe Susnick

6,544
5
44
50

score 0 · Answer 13 · answered Apr 30 '14 at 07:05

0

I solved this issue by specifying correct site URL in my App Settings. It works fine now. You have to specify your website Url such as http://www.xyz.com/

answered Apr 30 '14 at 07:05

Sagar Bhosale

407
1
5
19

score 0 · Answer 14 · answered Nov 01 '14 at 07:05

0

Under advanced tab make sure "Valid OAuth redirect URIs" contains valid URI or leave it empty(not recommended)

"http://example.com/"

instead of

"http://www.example.com"

answered Nov 01 '14 at 07:05

Parvindra Singh

53
2
10

score 0 · Answer 15 · answered Dec 11 '14 at 17:41

sometimes you need to check your code (the part of redirect)

$helper = new FacebookRedirectLoginHelper('https://apps.facebook.com/xxx');
$auth_url = $helper->getLoginUrl(array('email', 'publish_actions'));
echo "<script>window.top.location.href='".$auth_url."'</script>";

if any changes happens there (for example, the name of your application "https://apps.facebook.com/xxx" in relation the application settings in facebook, you will get the above error

score 0 · Answer 16 · answered Apr 19 '20 at 12:34

For Android Developers,

Make sure you have enabled Facebook Login inside the Products list inside Dashboard of your Facebook project app and have added all the required details as you go through the whole flow.

The login should work without giving the same error.

Given URL is not allowed by the Application configuration Facebook application error

16 Answers16

Linked

Related