Limited Login for Unity

Along with v9.0 of the iOS SDK, the Unity SDK has been updated to enable iOS developers to offer Limited Login to their users. In summary, this update adds an Authentication Token for use to verify a user’s identity on login, with other Graph API features available using the classic Facebook Login product.


Limited Login offers a limited set of permissions you can request:

  • public_profile
  • email
  • gaming_profile
  • gaming_user_picture
  • user_age_range
  • user_birthday
  • user_friends
  • user_gender
  • user_hometown
  • user_link
  • user_location
  • user_messenger_contact

Implementing Limited Login

To use Limited Login with the Unity SDK, use the LoginWithTrackingPreference function to specify that the LoginTracking preference is LIMITED for a given login request. Additionally, developers can include an optional nonce meant to verify the response from the Unity SDK. For more information on validating the OIDC token, see Validating the Limited Login OIDC Token.

FB.Mobile.LoginWithTrackingPreference(LoginTracking.LIMITED, scopes, "nonce123", this.HandleResult);

Retrieving Profile Data

After completing the Login Flow for Limited Login or classic Facebook Login, developers can now retrieve an AuthenticationToken from the Unity SDK. To retrieve the user’s basic profile information, developers can request the Profile object using the CurrentProfile function - which reads the associated AuthenticationToken.

private void GetProfileInfo()
     var profile = FB.Mobile.CurrentProfile();
     if(profile != null) {
          this.userName = profile.Name;
          this.userId = profile.UserID
          this.userEmail = profile.Email;
          this.profileImageUrl = profile.ImageURL;
          this.userBirthday = profile.Birthday;
          this.userAgeRange = profile.AgeRange;
          this.userFriendIDs = profile.FriendIDs;
          this.userGender = profile.Gender;
          this.userLink = profile.LinkURL;
          this.userHometown = profile.Hometown;
          this.userLocation = profile.Location;

Be aware that Limited Login and the “Profile” class are currently only available for the iOS SDK and aren’t available for other platforms at this time.



Name Description


Enum value indicating if the Login request should have tracking enabled. The values available are ENABLED and LIMITED.


Helper class containing the authentication token string granted to your application by the current user. This token includes data for the user’s ID, name, profile picture, and email (if granted by the user).


Helper class used to retrieve the basic profile information from the current user’s AuthenticationToken.


Name Description


Prompt a user to authorize your app with requested permissions based on their selected tracking preference.


Returns the AuthenticationToken granted to your application by the current user.


Returns the basic profile information granted to your application by the current user.



  1. LoginTracking - Enum selecting between ENABLED and LIMITED
  2. Scopes - Permissions for this request
  3. Nonce - Optional string used to verify response
  4. Result Handler (IResult) - Callback function that will process the login response

Result: Handles User Login requests and handles user session


Parameters: None

Result: Returns an “AuthenticationToken” containing the user’s basic profile information, including User ID, User Name, User Profile Picture, and User Email (if permission granted by the user).


Parameters: None

Result: Returns a Profile object containing the user’s basic profile information. This is automatically retrieved from the user’s Authentication Token.

Validate the OIDC Token

Before you use the OIDC token serverside, validate the token against Facebook's public keys and make sure that the nonce matches the nonce you provided.