Today we explain how the Facebook Omniauth sign up process works for Nowcado (get it for Android or iOS). You will see this process is just as secure as the standard one (all transactions with both the Nowcado server and Facebook server are performed over a secure, encrypted SSL channel) , yet even simpler for you to do!
- A user signs in to Facebook using their Facebook credentials. Note that this is the only step the user must perform.
- Facebook responds with a Facebook authentication token which enables the holder to access your email address and Facebook username.
- The app sends the Facebook token to the Nowcado backend.
- Nowcado queries the Facebook server using the Facebook token in order to retrieve the user’s email address and Facebook username.
- Nowcado creates an account using the email address, permutation of the Facebook username (as a default – you can edit it later from the user page if you like), and a randomly generated secure password.
- Nowcado responds to the user with credentials that are used on subsequent requests. The same security on these credentials that applied to standard accounts still applies here.
Despite what Facebook may say when you are prompted, we do not use any information from Facebook beyond your email address and username. The email address is used if we need to communicate with you about your account (e.g. emailing your cart results) and the Facebook username is used as a basis for generating your Nowcado username. We cannot write any posts on your Facebook wall and we don’t see anything else about your Facebook account whatsoever.
If you wish to create an account unaffiliated with the email listed on your Facebook account, you can still use the standard sign up method.