18

What's better?

  1. Login Button

  2. OAuth Dialog

I like the Login Button because it shows profile pictures of the user's friends who have already signed up for your application and it opens a dialog overlay instead redirecting to a new page as does the OAuth Dialog.

But, I think the OAuth Dialog is newer. Which should we use?

Also, the Login Button is XFBML. Apparently, Facebook is in the process of deprecating FBML. Does that mean XFBML is being deprecated too?

ma11hew28
  • 121,420
  • 116
  • 450
  • 651

3 Answers3

22

It isn't that one is better than the other - they are intended to accomplish different things.

The login button is used for external websites to allow Facebook-based social elements and community within that site. You can then add other plugins such as comments, the like button or the face pile to further integrate the Facebook social networking aspects, with the login button acting as the authentication mechanism.

The OAuth dialog is specifically for FB apps that run within the Facebook canvas, and allows you to request Graph API permissions from a user which will grant you access to various parts of their profile and additional channels of communication.

While Facebook is deprecating FBML, they are not including XFBML elements that support social plugins, such as the login button. See here for more info.

Daniel Schaffer
  • 56,753
  • 31
  • 116
  • 165
  • 1
    Thanks, I went with the OAuth Dialog cause we already had that working and was having trouble getting the Login Button to work. Then, I just added the facepile below it. The login button also allows you to request permissions. – ma11hew28 Feb 15 '11 at 04:34
  • 1
    This answer is incorrect -- the Login Button uses the OAuth 2.0 dialog, and they are both for exactly the same purpose. Facebook Social Plugins like the ones that you mentioned (comments, like button, facepile, etc.) do not require any third-party authentication. They utilize cross-domain iframes so they simply work depending on whether the user is logged into Facebook. By contrast, the Login Button is an XFBML widget that renders a button that, when clicked, shows the OAuth Dialog. Its social features work the same way as the plugins you named. – AndrewF Mar 26 '13 at 21:40
  • @AndrewF, it's been a while since I used any of these features, and they've likely changed since I wrote this answer. Feel free to submit an edit to correct any inaccuracies. – Daniel Schaffer Mar 28 '13 at 22:18
2

The oAuth button is decidedly and absolutely better for a simple reason - it is documented and relatively stable.

The Login Button has nearly no documentation right now ( https://developers.facebook.com/docs/reference/plugins/login/ ), and the behavior has slightly changed several times.

The documentation for the login button is currently limited to how you can :

  • change the appearance [ width, show faces , rows ]
  • specify scope
  • specify a registration-url

For the last several months ( ~Jan - July 2012 ), the documentation has not included anything concerning the flow of information or status -- ie, what actually happens on a successful or failed login.

While there are answers to these questions on StackOverflow , and mentions of other parameters that seem to work when passed in, Facebook does not mention or document any of this functionality at all, so it is essentially use at your own risk. The LoginButton is essentially a black box of mystery, that people just seem to have working thanks to undocumented features, and with functionality that will change/cease on random weekly updates.

tl;dr - stay the f(*& away from the Login Button and just use oAuth

Jonathan Vanasco
  • 15,111
  • 10
  • 48
  • 72
  • Sort of -- really the Login Button is just a relic of an older authentication system that they have preserved for reverse compatibility (particularly UI consistency for the third party app developers). When they switched to Auth 2.0, they updated the button so that it uses OAuth 2.0. And as such, clicking it runs exactly the same code that would have run if you had manually called `FB.login` to use the OAuth Dialog. If you look through the docs, though, you will see that they have long since stopped recommending it. – AndrewF Mar 26 '13 at 21:47
  • Facebook has , historically , had awful documentation that is always in a state of flux. At the time of writing the original post, they recommended one over the other. They did not clearly mark one as deprecated. They did not recommend against one or the other. – Jonathan Vanasco Mar 26 '13 at 22:13
2

I think Daniel hit the nail on the head.

I have just started reading up on Facebook Development, and it seems they are providing a great set of tools to do very powerful things, but they aren't particularly explaining which bits do what.

I think you need to be sure of the difference between; a) creating a web app that will leverage the facebook api to enhance its functionality (i.e. using the login button to allow a user to login/create a profile on that website) and b) creating a Facebook app that makes use of the api to simplify development (i.e. authorize and authenticate a facebook user for an app request)

I don't think they have outlined that distinction very well throughout their documentation

Timmy O'Mahony
  • 53,000
  • 18
  • 155
  • 177