Back to News for Developers

New Tools to Optimize App Authentication

October 14, 2011ByRushi Desai

At f8, we announced a redesigned Auth Dialog and a new authentication flow to give developers more control over people’s first experience with their apps. Today, we’re making these new tools available to all developers and their users.

Optimized Authentication Flow
We rebuilt the Auth Dialog to make the authentication process easier for people to understand, so they’re more likely to install your app. In addition to uploading a logo, all developers can now display a headline and description of their app in the new dialog. User permissions are now more clearly presented and organized. And we’ve introduced an in-line privacy selector for apps that request publishing permissions to provide users with more control over activity from apps.





The new dialog also supports Open Graph aggregation previews. Developers can test this now, and once Open Graph is more widely available, users will be able to preview how their activity in an app will appear on their timeline. Learn more about configuring the Auth Dialog for Open Graph integrations.





Extended Permissions
We believe that powerful permissions like ‘publish_checkins’ and ‘create_event’ are most effective when users understand the type of experience they can enable. With this redesign, extended permissions are always displayed in a second screen. We’ve also introduced an area on the extended permissions screen that lets you explain why you need extended permissions.

In the new Auth Dialog, users have the ability to grant access only to the extended permissions they’re comfortable with. You should make sure your app properly handles the cases when people remove permissions. You can visit the permissions documentation to see the permissions that are displayed on the second screen. We posted a tutorial earlier this week to help developers ensure that their apps don’t break when users revoke optional permissions.

We are making the new Auth Dialog available to all developers today. You can turn it on by going to the “Advanced Settings” page of the Dev App and manually enabling “Enhanced Auth Dialog.” Before you upgrade your app, we recommend that you customize your app’s Auth Dialog by visiting the “Auth Dialog Settings” page. We plan to migrate all apps to the new Auth Dialog before the end of the year, and we'll announce the specific timing in the next few weeks.

Authenticated Referrals, for a new class of social apps
After you upgrade to the new Auth Dialog, you can turn on Authenticated Referrals, a new feature for apps and websites that are designed to be social from the ground up.

Authenticated Referrals streamlines the auth process for users and allows apps to receive a greater number of connected users. With the feature enabled, any link on Facebook to your app will prompt the user with an in-line Auth Dialog and ask them to authenticate before navigating to your app. The experience is fast, familiar, and happens while the user is still on Facebook. This way, apps that require Authenticated Referrals don’t need to redirect traffic to an separate login flow, and users can have a social experience the moment they arrive at your app.

By guaranteeing that all users navigating from Facebook to your app will be logged in, Authenticated Referrals allows you to build apps that are social by default. Authenticated Referrals is an option for developers, and we recommend that you turn it on it if you require people to connect to use your app. You can enable it on the “Auth Dialog Settings” page of the Dev App.

Insights Improvements
With these new products, we’re also working on improvements to Insights to help you optimize your auth flow. For both the new dialog and Authenticated Referrals, we will provide the number of dialog impressions and accepts, the sources of connected users, and the privacy settings that people are selecting for your content. You will also see a breakdown of your conversion rate for extended permissions and how frequently they’re revoked.

Updated user measurement methodology
We’ve traditionally measured and reported app usage based on the number of people who visit an app, similar to how many web analytics companies measure Internet traffic.

When we first built Facebook Platform, we designed it so that developers could choose when to ask users to authenticate with their app, similar to how registration flows vary across the web. Over time, we’ve found that more and more developers have standardized on asking users to authenticate before they can use the app at all.

Given that most apps work this way, we're changing our active user figures for Apps on Facebook to publicly report the number of users that authenticate with the app. We believe this shift from “visitors” to “authenticated users” more accurately reflects the usage of an application, and it brings our measurement methodology for apps into alignment with how we measure engagement on Facebook.

This change will have no impact on third party measurement tools like comScore and Omniture. Developers will be able to access both numbers (canvas visitors and authenticated active users) in Insights. While this change will result in a perceived decline in active users for some apps, the number of users actually engaging with an app or playing a game is unaffected by this change.

These new authentication tools are designed to help you get more connected users and build deeply social apps. We hope they increase your install rates, and we’ll continue iterating on them as we receive your feedback below.