14

How can I allow a user to revoke access to my application using their API service, SDK. http://developers.facebook.com/docs/sdks/

Looking at the documentation I can't find anything about revoking the access.

kapa
  • 77,694
  • 21
  • 158
  • 175
Frank
  • 1,844
  • 8
  • 29
  • 44
  • For further reading I found this useful https://developers.facebook.com/docs/howtos/login/server-side-logout/ – DanH Jan 04 '13 at 07:52

4 Answers4

32

For the FB JavaScript SDK:

FB.api('/me/permissions', 'delete', function(response) {
    console.log(response); // true
});
Zach Lysobey
  • 14,959
  • 20
  • 95
  • 149
  • 2
    API link: https://developers.facebook.com/docs/facebook-login/permissions/v2.4#revokelogin – Doug S Aug 20 '15 at 03:31
  • what about PHP SDK ? – Az.Youness Apr 20 '17 at 09:42
  • The net effect is you are logged out of an App but not out of facebook; Your status with respect to the App then becomes 'not_authorized'. This is not at all clear, from the FB DOCO (someone correct me if i am wrong). – joedotnot Dec 27 '19 at 03:04
18

in the graph API for the user object you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.

from the official documentation (developers.facebook.com/docs/reference/api/user/):

You can de-authorize an application or revoke a specific extended permissions on behalf of a user by issuing an HTTP DELETE request to PROFILE_ID/permissions with a user access_token for that app.

Parameter Description Type Required permission The permission you wish to revoke. If you don't specify a permission then this will de-authorize the application completely. string no You get the following result.

Description Type True if the delete succeeded and error otherwise. boolean

Zach Lysobey
  • 14,959
  • 20
  • 95
  • 149
thermz
  • 2,386
  • 3
  • 20
  • 28
  • What's nice is you can do this server or client side. Whatever way you want. – DMCS Jan 29 '12 at 01:55
  • 1
    The correct link to the API is: https://developers.facebook.com/docs/facebook-login/permissions/v2.4#revokelogin – Doug S Aug 20 '15 at 03:31
5

For anyone who would find this helpful, I was losing sleep and wrecking my brain for days trying to get this to work;

FB.api('/me/permissions', 'DELETE', function(response) {
    if (response == true) {
        window.top.location = 'logout-facebook.php';
    } else {
        alert('Error revoking app');
    }
});

I finally got this to work when I observed that the "response" being returned was not a boolean but a JSON object.

The JSON object being returned was either;

{
    success: "true"
}

OR

{
    success: "false"
}

Following that, the correct code was;

FB.api('/me/permissions', 'DELETE', function(response) {
    if (response.success == true) {
        window.top.location = 'logout-facebook.php';
    } else {
        alert('Error revoking app');
    }
});

Hope this helps someone!

Humble Hermit
  • 125
  • 1
  • 8
0

With PHP SDK V 5

$DeletePermsUser = $fb->delete('/{user-id}/permissions/',[],$access_token);
Mario Gonzales Flores
  • 695
  • 7
  • 16