Before integrating web applications with social networks you should know answers to following questions:
- Is it reasonable to integrate a social network into your website?
- What advantages it brings?
- What’s the overall purpose of it?
In this post we’ll look at some examples of Facebook authentication and explain how it works.
Many online services allow users to log in into a system with their social network account (e.g. Facebook). This is quite convenient for users as they don’t have to create separate account for each service. Beside just confirming identify of the user these services retrieve user’s basic personal data (e.g. name, age, gender and so on). However, some services ask for additional data about their users, so we would consider such cases and examine the technology and design. Let’s use the services Airbnb, Couchsurfing and Expedia as an example.
All of them allow using Facebook for authentication
When you register, they all request additional information from your profile.
|Data Request||Facebook permission||Airbnb||Couchsurfing||Expedia|
As can be seen from the table, Airbnb collects more information about users than Couchsurfing and Expedia.
You can review the information that Airnbnb collects with Graph API Explorer.
Just get access token and submit fql query.
The FQL query would look like this:
SELECT uid, name, sex, email, birthday, hometown_location, current_location, friend_count, education, interests FROM user WHERE uid = me()
SELECT uid2 FROM friend WHERE uid1 = me()
SELECT url FROM url_like WHERE user_id = me()
Personal data collected by a service is used serve personalized content (including ads). This way, additional information about a user makes the service more convenient to use.
For example, Couchsurfing uses this information to provide their users with geo targeted content.
The authentication through a social network alone allows any web service to find out a lot of information about the user, as well as guess consuming habits.