The onboarding experience is one of the most important user experiences in your app. Facebook Login lets people start using your app quickly and easily, and they'll enjoy more personalized and meaningful experiences.
In this doc, we offer some tips and considerations to optimize your login flow. A high quality onboarding experience can lead to conversion rates above 80%.
If your app is well known and understood, you might be able to put your login button on the initial screen and still see decent conversion rates. If you do this, be sure the intro screen has a clear, succinct and compelling statement about what it has to offer:
A better option is to provide a glimpse of the content available to people prior to logging in, like the background photo in this example:
If your app requires additional education, you may want to offer a multi step demo above your login button. This gives people the option to either log in immediately or learn more first.
The best experience is to let people use your app and see its content before prompting them to log in. For example, many ecommerce sites such as Zulily don't require people to log in until they're ready to check out.
Only ask for the permissions you need. The fewer permissions you ask for, the easier it is for people to feel comfortable granting them. We've seen that asking for fewer permissions typically results in greater conversion.
You can always ask for additional permissions later after people have had a chance to try out your app.
An additional benefit of asking for fewer permissions is that you might not need to submit your app for App Review. You need to submit for App Review if you request any permissions other than
You should trigger permission requests when people are trying to accomplish an action in your app which requires that specific permission.
For example, the Facebook app only asks for Location Services when people explicitly tap on the location button when updating their status.
In addition, people are most likely to accept permission requests when they clearly understand why your app needs that info to offer a better experience.
Although access tokens have a scheduled expiration, tokens can be caused to expire early for security reasons. If you don't use the Facebook SDKs in your app, it is extremely important that you manually implement frequent checks of the token validity — at least daily — to ensure that your app is not relying on a token that has expired early for security reasons.
The Facebook Login button that comes with our SDKs is easy to integrate and includes built-in education that ensures a consistent design and experience:
Logging in from a WebView works only if people have the Facebook app installed on their mobile device. Because you cannot predict whether people will have the app installed, it's better not to have them log in from a WebView.
Once people are logged in, you should also give them a way to log out, disconnect their account, or delete it all together. In addition to being a courtesy, this is also a requirement of our Facebook Platform Policy.
The dating app Tinder, for example, gives you the option to log out or to delete your account entirely.
It's incredibly important to test your Facebook Login flow under a variety of conditions, and we've built a robust testing plan for you to follow. It's also a good idea to run qualitative usability tests to understand how people are reacting to what they see.
Once you've tested your Login flow and are ready to launch, we suggest using an analytics program to understand if people are completing the process and their overall conversion rates. Best practice apps can see conversion rates of over 80%. Facebook Analytics lets you monitor your conversion rates for free.
To avoid potential problems later on, do a quick check to make sure your Login integration adheres to the login section of our policies.
To give people control of their data, implement a data deletion callback to respond to people's requests to delete data your app has from Facebook about them.
You only need to submit your app for App Review if you're requesting permissions beyond
public profile and
You can learn more about App Review in our docs.