I'm working on a site that has a large proportion of users signing in via Facebook Connect, so they don't have a username and password for our site. We offer our own user-authenticated API using basic auth, but this doesn't allow facebook connect users to authenticate with clients using our API.
Is there any way that doesn't break Facebook's TOS to authorize other third parties using Facebook authentication credentials? For instance, if the other site implements facebook connect and passes session data back to us? Are there any examples in the wild of facebook connect being used successfully by an API provider other than sites like Foursquare that use oAuth as a solution?