Facebook Is Changing Quickly. JFBConnect is Ready.

Unless you've been living under a rock, you've heard about Cambridge Analytica and the unauthorized use of user data coming from the Facebook Platform. In response to this, Facebook is rapidly making multiple changes to their platform. JFBConnect integrates with many different social networks, but Facebook is the most used of them all. Because of that, we want to make sure all of our users are aware of the changes we know of, the actions we'll be taking, and how to make sure Facebook integration continues working as expected on your site.

Quick Background

There's plenty of details out there about this, so this will be brief. Basically, up until 2014, Facebook had a 'friends' permission. If you logged into a website and granted this permission, that website was able to get full profile information about you *and* your friends, even though your friends likely never used that site. This caused an exponential increase in the amount of profile data a site could get by having users grant that permission.

The 'friends' permission was controversial, even then, which is why Facebook disabled the permission when Graph API v2.0 became a required update. TechCrunch had a good writeup at the time of the shutdown of the previous Facebook API that allowed this data collection through the friends permission. That article was from 2015, way before the Cambridge Analytica debacle was public knowledge.

Facebook's Changes

So Facebook removed that 'friend' permission back in 2015. However, there's still quite a few ways that apps can get at a lot of user data using the Facebook API. To be on the correct side of public opinion, Facebook looks to be making sweeping changes to getting profile data. Some things have already been implemented, and more are on the way. Here's a quick list of changes implemented so far.

  • Profile data no longer available: religion and political views, relationship status, relationship details, custom friend lists, about me, education history, work history, my website URL, book reading activity, fitness activity, music listening activity, video watch activity, news reading activity, games activity.
  • The review process is temporarily disabled for permissions, so no new permissions can be granted. If you want to request additional profile data from your users, you may not be able to right now. If you have a new app, you'll only be able to get the basic profile information of email, name and avatar until Facebook resumes the review process.
  • App permissions will be revoked after 90 days if the user doesn't interact with your site. If a user doesn't login to your site for 90 days, then the app will be removed from their profile. On return, they'll have to go through the authentication process again and grant permissions for your app. JFBConnect will handle this without issue and log them into the same Joomla account automatically.

JFBConnect Changes

We'll continuously be making changes to JFBConnect to keep up with any changes from Facebook. We'll be removing the profile data selectors they can no longer be imported and be updating for some minor changes in how the Page and Group API's work. As Facebook rolls out their new review policy or revises how apps are created, we'll update Autotune and our documentation accordingly to make the setup process as smooth as possible.

We have always taken a very conservative approach with JFBConnect. It was obvious that the Facebook platform could be easily abused by pulling down excessive data. We intentionally built JFBConnect so that it wasn't too agressive in taking profile information, even if we had many requests to gather as much as we could. That conservative approach is paying off now as very little change should be required, and those that are made, shouldn't affect your website's authentication or social network integration experience in a meaningful way. 


Alex Andreae

Alex co-founded SourceCoast Web Development in 2008. Based in sunny Florida, SourceCoast develops extensions for integrating your Joomla powered website with popular social networks. He has spoken at more than a dozen Joomla User Groups and Joomla Days, including the Joomla World Conference in both 2012 and 2013. Topics have included social networking for Joomla, running a business around Joomla extensions, and Joomla development.

Find Alex around the web: