Home/ Questions/Q 7673773
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T16:35:23+00:00

I’m following Ryan Bate’s instructions for using Omniauth to set up third party authentication,

  • 0

I’m following Ryan Bate’s instructions for using Omniauth to set up third party authentication, except that I’m trying it with Facebook rather than Twitter, which he sets up in RailsCast 235.

After installing omniauth-facebook gem, and setting up the initializer

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :facebook, 'APP_ID', 'APP_SECRET'

end

I should be able to go to localhost:3000/auth/facebook and be presented with the Facebook login (even though it won’t eventually work because we haven’t set up the callback url yet) However, when i go to that url, I get this error

{
   "error": {
      "message": "Error validating application.",
      "type": "OAuthException",
      "code": 101
   }
}

and the url actually changes to

https://graph.facebook.com/oauth/authorize?response_type=code&client_id=APP_ID&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Ffacebook%2Fcallback&scope=email%2Coffline_access

On my app, I’ve set up Devise and followed the instructions on the Devise wiki for integrating Facebook authorization https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

Can anyone tell me what the problem might be?

Doing a Google search on the error message revealed that quite a few people have experienced this problem in recent weeks but couldn’t find anyone with a solution
enter image description here

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I searched for 101 and I stumbled upon this page. As you can see, that error stands for Invalid API key, so I believe that the problem lies in where you defined your key.

    You should set up your key and your secret in a separate file (for clarity and security) but be mindful that Rails loads files in alphabetical order so the file that defines those constants should have a name that comes before the file that configures the oauth connection. In my case, I created a file called constants.rb, which comes before devise.rb. Also, make sure to keep this file away from source control. You don’t want other people to have your keys and secrets.

    # config/initializers/constants.rb
FACEBOOK_KEY = 'string'
FACEBOOK_SECRET = 'string'

    Then configure your connection in your devise file if you are using devise or in your omniauth file if you are using simple omniauth:

    # config/initializers/devise.rb|omniauth.rb
require 'omniauth-facebook'
config.omniauth :facebook, FACEBOOK_KEY, FACEBOOK_SECRET

    Now, there is a better way to do this using ENV variables. I recommend the Figaro gem as it really simplifies configuring apps.

    If you want to display the facebook dialog page as a popup, you’ll want to use

    config.omniauth :facebook, FACEBOOK_KEY, FACEBOOK_SECRET, :display => 'popup'

    And follow this question later down the road.

    And, if you are on Windows, you’ll need a certificate so that the SSL connection does not fail. The solution to this problem is clarified by Arcolye here.

    Finally, to test your login locally, all you need to do is define your Site URL as http://localhost:3000/. That’s all there is. You do not have to define your canvas URL.

    • 0