Facebook

Procedure

  1. Click Identity Providers in the menu.

  2. From the Add provider list, select Facebook. Keycloak displays the configuration page for the Facebook identity provider.

    Add identity provider

    Add Identity Provider

  3. Copy the value of Redirect URI to your clipboard.

  4. In a separate browser tab, follow the Facebook Developer Guide’s instructions to create a project and client in Facebook.

    1. Ensure your app is a website-type app.

    2. Enter the Redirect URI’s value into the Site URL of the Facebook Website settings block.

    3. Ensure the app is public.

  5. Enter the Client ID and Client Secret values from your Facebook app into the Client ID and Client Secret fields in Keycloak.

  6. Click Add

  7. Enter the required scopes into the Default Scopes field. By default, Keycloak uses the email scope. See Graph API for more information about Facebook scopes.

Keycloak sends profile requests to graph.facebook.com/me?fields=id,name,email,first_name,last_name by default. The response contains the id, name, email, first_name, and last_name fields only. To fetch additional fields from the Facebook profile, add a corresponding scope and add the field name in the Additional user’s profile fields configuration option field.