Hi
I've created a facebook fbml/api page that returns some content and it works.
I need to ensure:
That no-one can add the app to their own page. This is because the app only works for me - content behind the scenes is purely for me and not anyone else. The content is served from my own server of course.
The content however is visible as normal to friends (eg. photos/videos). ie. people can see this as a tab on my profile.
The URL should be protected such that no-one can simply add/include apps.facebook.com/appname/blah to their own page
Any ideas on how to set this up. I don't need actual coding details, just high level notes - from someone who has worked with Facebook/api. I know how to do all the above if it wasn't facebook.
Thanks,