Home/ Questions/Q 4558178
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-21T17:36:45+00:00

This question is similar to How can I specifiy what access I need from

  • 0

This question is similar to How can I specifiy what access I need from my user's Facebook accounts when using OmniAuth? but has a caveat.

I’m using OmniAuth to authorize Facebook users on my website. For regular login/registration, asking the user for standard Facebook permissions are acceptable. But there is a feature on my site that requires extended permissions (access to their Facebook photos). I want to only ask for the extended permissions for users when/if they use our site’s Facebook photo feature.

All answers I’ve found on the web on how to set facebook permissions for omniauth deal with just adding a scope option in your OmniAuth initializer, like so:

ActionController::Dispatcher.middleware.use OmniAuth::Strategies::Facebook, 'app_id', 'app_secret', {:scope => 'email,offline_access,the,scope,you,want}

But I need to define the scope dynamically, so that only when users use the photo feature they get asked for the photo permissions, but not if they are just logging in or registering for the first time.

Anyone know how to do this? Thanks in advance.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You may have figured out a solution to this problem already but I figured I’d chime in for those still looking to solve this. My solution allows you to request as little Facebook permissions as possible up front, and then dynamically request them as your app needs them.

    http://www.mikepackdev.com/blog_posts/2-Dynamically-Requesting-Facebook-Permissions-with-OmniAuth

    Hope this helps!

    • 0