Private emails affecting Facebook SSO

I have a team of developers building a platform for me primarily in WordPress. We’re using social login buttons for SSO. They tell me that they are facings issue with Facebook and LinkedIn where a user has set their email to private. In those cases the email addresses aren’t being retrieved as part of the signup info.

Has anyone else come across this? How have you handled it?

Thanks in advance.

With all of the security holes that are (seemingly) perpetually being published, are you sure you want to go with WP?

UPDATE: Just in case anyone isn’t aware, here are a few links that I Googled (yes, I hate that it’s now a verb, too):
http://www.cvedetails.com/vulnerability-list/vendor_id-2337/product_id-4096/
http://marketblog.envato.com/news/wordpress-item-security-vulnerability/

V/r,

:slight_smile:

I don’t know about LinkedIn, but this from March 2014 the “fix” was to fall back to “enter email address” login.

https://meta.discourse.org/t/facebook-initial-login-create-account-dialog-leaves-email-field-blank/13815

Awesome. Thanks for that. :smile:

[quote=“WolfShade, post:2, topic:192398”]
With all of the security holes that are (seemingly) perpetually being published, are you sure you want to go with WP?
[/quote] That’s a bit like asking someone if they really want to move after they’ve already bought a new house. :wink:

Yeah, I know… sorry… if I’d known before you started that you were utilising WP for this, I’da jumped in and said something about it, then. :open_mouth:

V/r,

:slight_smile:

2 Likes

TBH we’d likely do it anyway. It’s a blog integrated with Discourse. There aren’t really any other feasible options that I’m aware of at this point.

I assume that you retrieve this information to make the login or registration easier and faster but if you can’t retrieve it then I guess you’re doomed to ask this info from them.