Facebook Connect Policies
From Facebook Developers Wiki
Contents[hide] |
Facebook Platform Policy Additions for Facebook Connect
October 15, 2008: This is a draft of the Facebook Connect policies. The policies are not considered final, but we expect them to be close to the final versions. Please make sure your Facebook Connect implementations abide by all of these policies. Any updates will be posted here.
For Facebook Connect, all existing Facebook Platform policies apply, such as the Developer Terms of Service (including data storage and transfer terms), Facebook Platform Application Guidelines, and Facebook Platform Policy.
In addition, the following Facebook Connect Policies apply:
Login/Connect
New Policies
1. The website must display and use one of the approved Facebook Connect buttons on Facebook Connect Login Buttons to begin the "Connect" process.
2. When Facebook Connect is used to allow a user to "sign in" or authenticate with your website, the Facebook Connect option must be presented at least as prominently as the most prominent of any other sign in or authentication method on your site, and not as a secondary option.
3. The website must offer an explicit "Log Out" option that also logs the user out of Facebook Connect.
4. When a user has connected their account and is currently logged in on your site, the application must show the profile picture and name of the user in a visible place on the page. This profile picture should be no smaller than 16x16 pixels and should include the Facebook "f" favicon in the lower right corner. If the profile picture is too small to position the icon over the lower right corner, you can position the favicon to the right of the picture.
5. When a user connects with your website, the user is granting this authentication/permission only to the specific website. The user's data or access cannot be made available to another website not under your control unless the user specifically connects to that website as well.
6. If you have an application on Facebook and a website that implements Facebook Connect, the user will need to explicitly connect on your website before your website can use their information. However, once the user has both authorized the application and connected to your website, you can link the information.
Best Practices
7. When you use a "Facebook Connect" button on your website, you should make sure to have the right descriptive text to describe how the experience will work on your site. For example, we recommend associating Facebook Connect with one of the following words or phrases: "Connect", "Sign In", "Sign Up", Login, "Log In", "Create account, "Register", "Join", "Find your friends", “Share with your friends”.
Feed
New Policies
8. Facebook Connect applications cannot publish one line stories automatically via the Facebook Platform API (i.e., without being presented to the user in a Feed form) unless the story and template have been approved through the Facebook Connect approval process.
Note: This process is still being finalized. For now, you may not publish one line stories automatically.
Best Practices
9. When a user completes an action in an application that would prompt a Feed form, the application should add a check box (to the part of the flow associated with completing the action) asking the user if they want to share this information through Facebook (e.g., "Share this run with my Facebook friends?"). The check box may be pre-checked by default, but if the user unchecks this check box during the flow, the Feed form should not be shown.
10. One line stories published from your site will be approved for automatic publishing only if they meet the following criteria:
- The story contains information that is publicly available to users who can view the story (for example, a user commented on an article).
- The information shared in the story is associated with the user on the website (for example, no anonymous data).
- The story is a result of an explicit action taken by the user.
Friends and Friend Linking
New Policies
11. When representing a list of friends to a user on the website, which includes a set of friends from the user's full Facebook friend list, the website must indicate that the friend relationship on this website is associated with their friend relationship on Facebook. It is recommended that you use a Facebook favicon or the word "Facebook" to indicate that these friend relationships are associated with Facebook.
12. Sites that use the Friend Linking feature to help users find their friends can only use this feature if the site also offers a separate way to search for friends by email address or via a contact importer.
13. All email addresses submitted for friend linking must be legitimate email addresses for users on your site.
