Given URL is not allowed by the Application configuration Facebook application error

Question

Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App\'s settings. It must match the Website URL or Canvas URL,

Answer 1

Under advanced tab make sure "Valid OAuth redirect URIs" contains valid URI or leave it empty(not recommended)

"http://example.com/"

instead of

"http://www.example.com"

Answer 2

I chased my tail on this issue for hours. My coder and I could login with FB without a problem but my wife couldn't. She would get this topic's subject message. I tried every setting and URL that I could think of for my Lavarel app.

My issue was that my wife was signing in from:

http://www and we were using http://  

A short trip to CPanel and a redirect fixed that. Hope this helps someone!

For Lavarel these FB app settings worked for me:

Settings/Basic - App Domain: mydomain.com ,  Site URL: http://mydomain.com/login.

Settings/Advanced - Client OAuth Login: Yes. 

Settings/Advanced - OAuth redirect URIs: http://mydomain.com , http://mydomain.com/login.

App Details/App Center listed platforms = No.  I'm only using the login for now.

Answer 3

I have a website with facebook login.
It has been stable and working for months. No code change has happened for weeks. Then, suddenly, the facebook login gives an error message:

Error
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.

After debugging "for awhile", I reset my facebook app secret and it started to work again!

Answer 4

Michael Blackburn's answer helped me resolve my issue, but I want to give more detail on my fix.

I have a php app that posts to a user's FB page.

I own two domains:

• http://app.my-web-app.com
• http://app.mywebapp.com (no hyphen)

I built my site off the first domain because it read better IMHO (at least it did at the time).

Some users typoed the url so I bought the second one with no dashes for that reason.

So, one of my users was having the "Given URL" error.

Turns out he was going to http://app.mywebapp.com and the rest of them were going to http://app.my-web-app.com

I fixed everyone by adding all possible redirect URIs:

Granted, there are 100 better ways to implement this, but here is the workaround for now.

Answer 5

This is a basic breakdown for slow people like me, and I didn't see this mentioned before.

The "redirect uri" isn't the place where you're redirecting to, but where it's coming from.

Say you have your app at http://myFBapp.com listening to /auth/facebook, and after they log in, redirecting them to /UserLoginHooray. The "Valid OAuth redirect URIs" should read http://myFBapp.com/auth/facebook, not http://myFBapp/UserLoginHooray.

Explanation: HTTP Requests that have been redirected (302) include the original address in the header, so Facebook is merely putting a very basic layer of security on the request.

Answer 6

I found Valid OAuth Redirect URIs under PRODUCTS then Facebook Login > Settings not as everyone is stating above. I am supposing this is a version issue.

It still didn't work for me. I guess I really have to add Android Platform rather than just the Website. This is annoying because my app is still in development mode :(

UPDATE: I'm using Expo to develop my react-native app and used info provided here: https://developers.facebook.com/apps/131491964294190/settings/basic/ to set up the Android and iOS platforms. This resolved the issue for me.