OIDC Token for Limited Login

A successful login in Limited Login populates a global AuthenticationToken instance. You can provide a nonce for the login attempt that will be reflected in the return token and that your app can use to validate the token. In addition, Limited Login populates a shared profile instance that contains the basic information including ID, name, profile picture, and email (if granted by the user).

AuthenticationToken offers a set of endpoints for obtaining information about the implementation and for uninstalling the user from the app.

OIDC Endpoints

Discovery Endpoint

Endpoint: https://limited.facebook.com/.well-known/openid-configuration/

Request Type: GET

Description: Returns metadata for Facebook’s OIDC implementation.

JWKS Endpoint

Endpoint: https://limited.facebook.com/.well-known/oauth/openid/jwks/

Request Type: GET

Description: Returns the public keys for Facebook’s OIDC implementation in JWK format.

Uninstall Endpoint

Endpoint: https://www.limited.facebook.com/platform/uninstall/

Request Type: POST


  • id_token
  • app_id

Description: Replaces the /me/permissions endpoint for Limited Login Requests to uninstall the user from the specified Facebook app. This endpoint won’t remove the user’s permissions for the application.