Is it possible to access API when base.'RequireLogin = false'?

Jul 13, 2009 at 6:18 PM


I have a page where I have set base.'RequireLogin = false' to allow [limited] public access to the page.

I would like to display certain data to users if they are logged in (in addition to the publicly available data).

If I use RAW fbml tags I can display certain data to logged in users but whenever I try to access the API with 'RequireLogin = false' I am getting errors.

I basically just want to access the uid of a logged in user even though RequireLogin is set to false?


Jul 13, 2009 at 8:04 PM

If you only want to do this when users are logged in, why are you trying to set RequireLogin to false? All that does is check and make sure that a user is logged in. I don't understand why you wouldn't want it to be set to true in this case.

Jul 13, 2009 at 8:46 PM


Thank you for your reply.

I wish the page to be available to BOTH logged in users and anonymous visitors.

Facebook [Fan] Pages act like this i.e they are visible to search engines and can be seen by anonymous visitors.

The problem with setting 'RequireLogin=true' is that the page is then hidden and shows only a logon box.

The reason I want to obtain the uid for logged on visitors is that the page will then display ADDITIONAL functionality for any logged on users.

I can already do that to a limited extent by using <fb:if-is-app-user> but this does not help me with user specific information,

What I am basically saying is that I don't REQUIRE users to be logged in but if they are I want to know who they are.

Jul 13, 2009 at 9:48 PM

I have managed to resolve this by bypassing the API and extracting "fb_sig_user" directly from the InputStream.

For reference this was the statement that led me to this:

The visiting user's ID. fb_sig_canvas_user is passed if user has not authorized your application, while fb_sig_user is passed if the user has authorized your application. Neither is passed when an application tab is being requested; fb_sig_profile_user is passed instead.


Jul 13, 2009 at 10:36 PM

Yes, that's roughly what I would recommend you do, although I think it may be a bit cleaner if you get it from the QueryString property, or just the request itself (request["fb_sig_user"]). In the future it might make sense for us to find a better way to support this in the FDT, but for now that should be a good solution.

Jul 14, 2009 at 9:36 AM

Thanks for that.

I will tidy it up a bit. I took the whole input stream because I wanted to see exactly what what it contained under those circumstances.

It would be good if the API could support this in the long term because I believe there are good [SEO & marketing] reasons why you would want some pages accessible to non-Facebook and anonymous visitors.

Sep 3, 2009 at 8:18 PM
Edited Sep 3, 2009 at 8:20 PM

If you are working within a tab (application tab) the RequireLogin "has" to be set to false or the app throws and error ("something about invalid redirect I think").  That being said...with no do you get info about the tab owner (outside of friends, uid, etc)?  For instance, what if I want to get fan pages for the tab owner (that has already authorized my app)?  Attempting this via the API results in an empty xml doc when RequireLogin = false;

Sep 3, 2009 at 8:21 PM

I tried this via fbl.query and pages.getInfo.