August 15, 2013
October 11, 2018
Earlier this week, we updated our Developer Roadmap to require the use of OAuth 2.0 and HTTPS. These updates are part of a continual process to make our Platform more secure for developers and users. Over the past few days, we received several questions from developers about these updates. We wanted to provide more context around why we are requiring these changes and how we can work together to provide a safer online experience.
As the web evolves, expectations around security change. For example, HTTPS -- once a technology used primarily on banking and e-commerce sites -- is now becoming the norm for any web app that stores user information. We feel that HTTPS is an essential option to protect the security of Facebook accounts, and since Apps on Facebook are an important part of the site, support for HTTPS in your app is critical to ensure user security.
As an app developer, you can help us by:
We take the safety and security of Facebook users extremely seriously and have been working on a number of different initiatives to keep our shared users safe:
We appreciate your help in making the necessary changes to your apps outlined earlier this week and your commitment to create a secure environment for users. If you have any questions, please let us know in the Comments below.