Hi all,
This is all too confusing for me at the moment. I seem to be going in circles. So here is my situation and my questions.
I have an IFrame Application that needs to pretty much just run on the Canvas page. In this App, I wish to access certain user data (which I believe are beyond the normal set of permissions, thus requiring extended permissions).
Question 1: Authentication in this context refers to FB accepting you as a genuine Application (by use of the App Key / Secret) and allowing you access to the API and it's more sensitive areas. Is this correct?
Question 2: Authorisation is the process in which you prompt the user that certain additional permissions are needed for the application to work. Is this correct?
Question 3: For an IFrame App, what is/are the method to perform an Authentication and Authorisation?
Question 4: Most sample code / exampes I've come across seem to be tilted towards Connect. Connect is only used when your site (which is not embedded in a FB frame) requires access to FB Data. Is this correct?
Question 5: How does OAuth fit into all of this? Is it only to be used in conjunction with Connect (ie: external site situation)?
Any light you can shed upon this matter will be greatly appreciated. Thank you.
Cheers~