skip to Main Content

I am working on an App which allows login through Facebook and then after it makes REST API calls to fetch data.

What i want to do:
Most of the APIs are supposed to be secured hence I want to protect the APIs using a session token. That mean with every request i will send USER’s ID and a Session token which will be saved on DB. My API will first authorize the request and then will send data.
I want this token to be generated from Server side when user logs in using facebook or google. As if i do it from client side then any one can make that call from REST client like postman or something else.

I can do this when login is done on Webpages but not able to figure out the same when done on native android app.

Let me know if you need any information.
I am posting this because i am not finding any info.

2

Answers


  1. I think there’s a simple way.

    ANDROID APP

    1. Login using Facebook and get AccessToken
    2. Send this token to your server

    SERVER

    1. Use AccessToken to get user’s data.
    2. Return YOUR user’s id and token as response

    Hope it helps

    Login or Signup to reply.
  2. You can use Facebook Graph Api to get access tokens and then you use them to Get/Post data on facebook.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search