HybridAuth Fix: Authentication failed! Facebook returned an invalid user id

In a project I was working on this past weeks, I was tasked to integrate social network login functionality to the site.

To reduce time required to implement the social login of each social networks, I opted to use HybridAuth – a PHP library that enable developers to easily build social applications to engage websites visitors and customers on a social level by implementing social sign in, social sharing, users profiles, friends list, activities stream, status updates and more.

HybridAuth act as an abstract API between your application and the various social APIs and identities providers such as Facebook, Twitter, Google, LinkedIn, Github etc.

In this article, I will show us how to fix the following error returned by Facebook / hybridauth after a user has authorized your Facebook application – Authentication failed! Facebook returned an invalid user id.

Below is a checklist that must be adhered to in order to prevent the above error.

1. Ensure the Client OAuth Login feature is enabled with others disabled.
   This can be found under security section when you click the Advanced tab.
   
   
2. Ensure the app and all its live features are available to the general public. This is done at the Status & Review page.
   
   Note: the Contact Email in Settings > Basic must contain a valid email address before this feature can be activated.

   

3. Last but not the least is: in your config array, ensure the base_url point to HybridAuth Endpoint (where index.php and perhaps config.php are found).
   
   In my case, the error was as a result of the absence of a trailing slash to the URL. I.e. instead of http://mywebsite.com/path/to/hybridauth/, I entered http://mywebsite.com/path/to/hybridauth

   Here is my Facebook config file if it helps.

   
   return
   	array(
   		"base_url" => 'http://mywebsite.com/path/to/hybridauth/',
   		"Facebook" => array(
   			"enabled"        => true,
   			"keys"           => array( "id" => 'app id here', "secret" => 'app secret here' ),
   			"trustForwarded" => true,
   			"scope"          => "email, user_about_me, user_birthday, user_hometown", // optional
   			"display"        => "page" // optional
   		),
   	);
   

   Note: you can rename the index.php file that contains the code for the HybridAuth End Point to say hybrid.php thus, your base url will become http://mywebsite.com/path/to/hybridauth/hybrid.php

I actually spent days trying to figure out the cause of this problem without luck. I hope someone find this article useful someday.

Don’t miss out!
Subscribe to My Newsletter
Receive the best WordPress, Git, Web development and programming tutorials.
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!