Facebook Login Changes to Address Abuse

It came to our attention yesterday that some third-party tracking scripts on websites were directly accessing Facebook public profiles. While investigating this issue, we have taken immediate action by:

• Disabling the ability to resolve the app-scoped user ID (ASID) returned by Facebook Login to a Facebook profile page, even for logged-in users.
• Instituting rate limiting of profile picture requests, to further prevent any third parties from trying to link people's activity across different websites using the application-specific identifiers issued by Facebook Login.

We don’t take breaking changes lightly, but we believe that these updates will help protect people’s privacy and increase trust across the ecosystem. If you have an urgent issue in need of resolution, please fill out this form and someone from our team will get in touch with you.

Thank you for your patience while we work to resolve this issue as soon as possible.