How to identify users that did not grant access to an app?
We are implementing a voting-system inside an facebook app. The users are able to upload conte开发者_JS百科nt and vote the content of other users. We are aiming for a low entry-barrier for users who only want to vote other users content. As we want unique votes, we have to identify the users somehow. Is it possible to identify users that did not grant permissions for the app? The signed request does only contain statistic data for the current user (country, locale, age-range) and no session. We do not need any specific data of the user, just something unique per user.
We are using an iframe-app.
Basic authentication will give you user ids -- probably the best way to uniquely identify a Facebook user, although it adds friction.
Alternatively for a very low barrier to entry you could use a Like Button and query the Graph for number of votes. If you decide to use the like button, and there is a prize based on the number of votes, please make sure to check Facebook policy on contests.
It is not possible to identify a facebook-user that has not granted permissions to the app.
However it is possible to run a layered permission system. The app can ask for basic-authentication and upgrade the permessions later on if need be.
精彩评论