How can I authenticate to my applications webservice after using Facebook SSO on Android?

Question

I am creating an Android app that uses Facebook SSO to login and I\'m not sure how to authenticate with my own webservices after I login to FB. When a user first opens my a

Answer 1

I think you have to pass a password along with your basic info upon profile creation. All in all, the Facebook SSO only gives your client application the right to access the profile user, but it does not garantee your web services that the caller is the actual owner of this FB account. I am afraid that subsequent calls from the Android client to the web service needs to be authenticated via a normal user/name password ( different from the FB account ) if you want to be sure that the caller is the one who retrieved the key the first time ( no matter what Facebook profile he might be linked to ).