Facebook OAuth "The domain of this URL isn't included in the app's domain"

Question

Let me first start with saying I've searched for an answer to this question for quite some time...

I'm trying to setup Facebook OAuth to work with my application that is being developed locally on my machine. Everything was working perfect with Facebook authorization UNTIL I moved from using localhost to another domain name (still local to my machine.) Now I'm getting the following error.

Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

My hosts file contains 127.0.0.1 domain.dev (works perfect)

My redirect in my app (using Socialite) is http://domain.dev/auth/facebook/callback

In my Facebook App Settings...

• my App Domain is domain.dev
• my Site URL is http://domain.dev/
• my Valid OAuth redirect URIs is http://domain.dev/auth/facebook/callback

The URL at the time of the error message is..

https://www.facebook.com/v2.5/dialog/oauth?client_id=XXXXXXXXXXXXXXX&redirect_uri=http%3A%2F%2Fdomain.dev%2Fauth%2Ffacebook%2Fcallback&scope=email&response_type=code&state=0ztcKhmWwFLtj72TWE8uOKTcf65JmePtG95MZLDD

I'm at a loss of what the problem is...

Screen Shot 1

Screen Shot 2

Answer 1

In case someone comes across this and is looking for these settings (like I was)

You have to

1. On the left hand side, click "+Add Product" and select "Facebook Login" (it was at the top for me)
2. See the new settings available on the left hand side
3. You will now have these OAuth settings on that "Product Settings"

Additional Info: Make sure to add the Callback URL like http://localhost:3000 to the Valid OAuth redirect URIs field on the settings page of Facebook Login

Answer 2

This usually happens if you have entered the wrong details when you created the App in Facebook. Or have you changed a URL's of an existing App?

Can you please recheck the settings of your APP in this page?

https://developers.facebook.com/apps

1. Select the correct App and click the edit button;

2. Check the URLs & paths are correctly entered and are pointing to the site where you have installed Ultimate Facebook plugin.

Answer 3

I had the same problem. I solved it by adding my OAuth redirect URI as a argument to the getAccessToken function call:

$redirectLoginHelper->getAccessToken("https://www.example.com/myfacebookcallback")

If no argument is sent into that function the SDK generates the redirect URI by itself which should work but in my case it didn't.

Hope this helps someone.

Answer 4

Make sure your app is public. Click on + Add product Now go to products => Facebook Login Now do the following:

Valid OAuth redirect URIs : example.com/

Deauthorize Callback URL : https://example.com/facebookapp

Answer 5

Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

I had this issue today, I find the Facebook documentation and SDK disrespectful and arogant towards other developers to say the least.

Besides having the "app domains" in two different locations without much information (3 if you add a "web" platform), you also need to go to app products / facebook login / settings and add your redirect URL under Valid OAuth Redirect URIs

The error says NOTHING about the oauth settings.

Answer 6

Here's what I did to solve this issue:

Basically:

1) Enable "Embedded Browser OAuth Login"

2) Disable "Use Strict Mode for Redirect URIs" and enter a redirect URI like the way I did.

3) Leave all the rest of the options as they are.

4) Save your changes.

5) Enjoy :)

Answer 7

Facebook has recently disabled the toggle button for 'Use Strict Mode for Redirect URIs', so you need to add exact URI what's being called when you hit login button. For my case it was as shown in screenshot. It solved the issue for me :)

Answer 8

I had the same problem, and it came from a wrong client_id / Facebook App ID.

Did you switch your Facebook app to "public" or "online ? When you do so, Facebook creates a new app with a new App ID.

You can compare the "client_id" parameter value in the url with the one in your Facebook dashboard.

Answer 9

In my case, things i had to do is only enabling the Embedded Browser OAuth Login

Answer 10

As of 2017-10.

Solution that solved my issue.

Currently that FB renders this surprise.

...app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on...

The settings to adjust are located here https://developers.facebook.com/apps/[your_app_itentifier]/fb-login/.

The trailing slash is important. They must match in your app code and in FB admin settings. So this is a config somewhere in your code (see below how to get any domain name for a dev app):

{
    callbackURL: `http://my_local_app.com:3000/callback/`, // trailing slash
}

and here

To get any domain name for an app on a local Windows machine, edit host file. Custom names are good in order to get rid of all those localhost:8080, 0.0.0.0:30303, 127.0.0.0:8000, so forth. Because some third party services like FB sometimes fail to let you use 127.0.0.0 names.

On Windows 10 hosts file is here:

C:\Windows\System32\drivers\etc\hosts

Backup initial file, create a copy with different name (Doesn't work in native Windows CMD. I use Git for Windows, it has many Unix commands)

$ cp hosts hosts.bak

Add this in hosts

127.0.0.1  myfbapp.com # you can access it in a browser http://myfbapp.com:3000
127.0.0.1  www.myotherapp.io # In a browser http://www.myotherapp.io:2020

In order to get rid of port part :3000 set up NGINX, for example.

Answer 11

Most of the time its happen with not insert proper valid OAuth redirect URL in the product section of the FB dashboard.I suggest follow my bellow steps

01.Check the basic setting of the app is okay with bellow picture with you

02.check whether you have add a product

If not you can easily add log in product by clicking + sine as I show in the bellow.

If Yes just got to inside of the product setting.

03.The check whether you have provide valid OAuth redirect URL

Its simple mean what should after login.It is not other than that your call back URl.You can see in my bellow picture I have added several redirect URLs.

4. have any problem further Watch my video-- > https://www.youtube.com/watch?v=mdhubrzV5y8&t=3s

Answer 12

The way I fixed it: I went to the Valid OAuth Redirect URIs textbox and set the exact URL, not just the domain:

before: https://my-website.com

after: https://my-website.com/facebookoauth/facebooklogin

(the url may be different in your case, check it in the address bar of the browser).

This was caused by the setting Use Strict Mode for Redirect URIs, which was locked in the Yes position.

Answer 13

Click here Code Project! Its Code project example. Its working to me

Answer 14

I had the same problem,

I just added the link of my local adress http://localhost/Facebook%20Login%20Test.html to Site URL in my application setting https://developers.facebook.com/apps.

Now it works fine :) I hope this was useful ;)

Answer 15

Nothing really worked for me, until I updated the SDK version I was using. I started with 5.0. Not even 5.4.0 would not work either. When I updated to 5.6.2, it worked flawlessly, despite there being nothing in the changelogs that was relevant!

Answer 16

This option should be enabled in portal:

Answer 17

In case this helps anyone else, this started happening for me on an older site when "Valid OAuth Redirect URIs" became mandatory. The site was still using the V4 PHP SDK and the problem was resolved for me by upgrading to the V5 SDK.

Answer 18

In the App domain section, you are writing your app domain but you also need to add your login domain i.e. the name of html page where you ask user to login. In my case, I was testing it on localhost and the login route was localhost/login, If I only put http://localhost.com in App domain section, I get this error. But after adding http://localhost/login.com, the error was fixed. and also the App settings has changed in newer version of SDK, in which there is no option for OAuth redirect route. You've to assign the redirect route directly from server side, after successfully getting OAuth token.

Answer 19

This worked for me:

Here's the main thing to understand: Facebook will always check for the "WWW" domain. So make sure www.your_domain.dev is working on your browser first.

It is possible that if you have multiple virtual hosts on your local server, some other virtual host overrides "www.your_domain.dev". So please check that. Apache will pick the FIRST definition of domain (or ports, or something in these terms - I'm no expert on this, but learned by mistakes). An easy quick fix for this virtual host overriding is to put "www.your_domain.dev virtual host definition on the very top of the file "httpd-vhosts.conf".

Go to "/apache/conf/https-vhosts.conf" and put this on the very top of the file:

<VirtualHost *:80>
<Directory "C:/your_app_folder_path/">
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    allow from All
</Directory>
ServerName your_domain.dev
ServerAlias your_domain.dev
DocumentRoot "C:/your_app_folder_path/"
</VirtualHost>

###### FOR SSL #####
<VirtualHost *:443>
    DocumentRoot "C:/your_app_folder_path/"
    ServerName your_domain.dev
    ServerAlias www.your_domain.dev
    SSLEngine on
    SSLCertificateFile "conf/ssl.crt/server.crt"
    SSLCertificateKeyFile "conf/ssl.key/server.key"
    <Directory "C:/your_app_folder_path/">
        Options All
        AllowOverride All
        Require all granted 
    </Directory>
</VirtualHost>

Next: If you are using Windows system, edit your "hosts" file in "C:\Windows\System32\drivers\etc" by adding two lines:

127.0.0.1 your_domain.dev
127.0.0.1 www.your_domain.dev

Next: Restart your Apache server and everything should work now.

---

I hope this will help you and save your time. I wasted almost a whole day searching around the web and was pulling my hair out and couldn't find anything helpful until I found this.

Answer 20

The problem, and the answers, keep changing as FB tightens up the login procedure. Today, I started getting this horror message "The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."

The answer was: now FB wants the full redirect uri. So for me, where it used to be just https://www.example.com it now wants https://www.example.com/auth/facebook/callback. This has to go in the "Valid OAuth redirect URIs" field (Developer/Facebook login->setting)

Answer 21

Facebook Login -> Settings -> Valid OAuth redirect URIs -> insert the domains of your redirect url, remember you should add 'https' or http. eg: if your redirect url is https://xxx.xxx.com/path/callback.do, you only need to enter https://xxx.xxx.com/, it's ok for me.

Answer 22

I had the same problem.....the issu is in the version PHP SDK 5.6.2 and the fix was editing the following file:

facebook\src\Facebook\Helpers\FacebookRedirectLoginHelper.php

change this line

$redirectUrl = FacebookUrlManipulator::removeParamsFromUrl($redirectUrl,['state','code']);

to

$redirectUrl = FacebookUrlManipulator::removeParamsFromUrl($redirectUrl,['state','code','enforce_https']);

Answer 23

This same Facebook error happened to me in the Production environment. The reason was I had 2 apps registered with Facebook (Local, Production) but I hardcoded the Local app ID into the source code and forgot to switch it out for the Production app ID before deployment.

Best practice dictates you shouldn't have the app ID hardcoded into the source code but if you do, do not mismatch your various Facebook app IDs like I mistakenly did.

Answer 24

Using my own local server.

Simply adding http://localhost/my-site as a URL in:

https://developers.facebook.com/apps/YOUR-APP-ID/fb-login/

worked for me.

Answer 25

first step: use all https://example.in or ssl certificate URL , dont use http://example.in

second step: faceboook application setting->basic setting->add your domain or subdomain

third step: faceboook application login setting->Valid OAuth Redirect URIs->add your all redirect url after login

fourth step: faceboook application setting->advance setting->Domain Manager->add your domain name

do all this step then use your application id, application version ,app secret for setup

Answer 26

on Magento 2 Social Login extension, you have to copy Valid OAuth redirect URIs from the panel and add the link to Valid OAuth Redirect URIs field in Client OAuth Settings page at developers.facebook.com

Answer 27

If your game has no server/site (e.g. if you develop for Gameroom like me) - add "https://apps.facebook.com/xxxxxxxxxxxxxxxxx" (put your app ID instead of "xxxxxxxxxxxx") to "Valid OAuth Redirect URIs".

Answer 28

in my case, i solved this issue by adding the full URL and not only the domain as facebook ask. i hope that they will rename it for more clarification. so the Valid OAuth Redirect URIs should be like so:
Before: https://www.mobile-battles.com
After: https://www.mobile-battles.com/register

Answer 29

The Meta for Developers interface currently provides two places where you can enter the domains for your app: the Basic settings under "App domains", and the Advanced settings under "Domain Manager". The SDK might not recognize your domain if it is listed in just the Domain Manager.

Answer 30

If you are using AWS Cognito then add the URL https://<your-user-pool-domain>/oauth2/idpresponse to the Valid OAuth Redirect URIs in Facebook Login -> Settings

Answer 31

I read through maybe every answer on the internet and nothing worked in my case.

I kept getting this error:

JSSDK Unknown Host domain The Domain you are hosting the Facebook Javascript SDK is not in your app's Javascript SDK host domain list. Please specify your host domain in App dashboard login settings.

But in the end, I found a solution. By the time of writing this (late October 2022) the fix in my case was this:

1. Go to https://developers.facebook.com/apps/your-app-id-here/fb-login/settings - note: this url might change in the future. Just go to your developer's app -> Products -> Facebook Login -> Settings
2. Search for Allowed Domains for the JavaScript SDK
3. I had my url written in this way: https://www.website.com/. After I added the non-www version everything worked out! https://website.com/

Hope this fixes the issue for somebody else too!