We have an app that posts to a Facebook user's page, after getting the proper permissions, of course. Using Facebook Login for authentication, we used to be able to use wildcards for the "Allowed Domains for the JavaScript SDK" part. It seems that is no longer allowed? We have a single app that will be used for all our clients. Each client account has its own subdomain, where the javascript authentication calls come from. There is no realistic way for us to manage this without wildcard subdomains. Any thoughts here?
Were you ever able to figure out a solution?
Use the OAuth implementation instead of the js login button. https://developers.facebook.com/docs/facebook-login/guides/access-tokens/#usertokens
Thanks, I'll look into that. I have a different implementation working now, at least.