Not able to get UserData after using limited login in ios

[rohnsht]

What version are you using?

flutter_facebook_auth: ^7.0.0

What OS and version are you using to local deploy your application?

ios 16.6

What platforms are you seeing the problem on?

iOS

pubspec.yaml

dependencies:
  flutter:
    sdk: flutter

  animations: ^2.0.11
  app_settings: ^5.1.1
  circle_list: ^1.0.5
  crypto: ^3.0.2
  device_info_plus: ^10.1.0
  encrypt: ^5.0.3
  extended_image: ^8.2.0
  firebase_analytics: ^11.0.0
  firebase_core: ^3.0.0
  firebase_crashlytics: ^4.0.0
  firebase_dynamic_links: ^6.0.0
  firebase_in_app_messaging: ^0.8.0
  firebase_messaging: ^15.0.0
  flutter_acpanalytics: ^2.0.1
  flutter_acpcore: ^2.0.1
  flutter_facebook_auth: ^7.0.0
  flutter_image_compress: ^2.2.0
  flutter_markdown: ^0.7.1
  font_awesome_flutter: ^10.7.0
  google_sign_in: ^6.2.1
  http: ^1.2.1
  image_picker: ^1.1.1
  intl: ^0.19.0
  in_app_review: ^2.0.9
  jiffy: ^6.3.0
  package_info_plus: ^8.0.0
  permission_handler: ^11.3.1
  provider: ^6.1.2
  shared_preferences: ^2.2.3
  share_plus: ^9.0.0
  shimmer: ^3.0.0
  sign_in_with_apple: ^6.1.0
  url_launcher: ^6.2.6
  webview_flutter: ^4.7.0

Describe the Bug

I am trying to get the user's after after successful limited login in ios. However, I get this issue:

flutter: PlatformException(FAILED, The operation couldn’t be completed. (com.facebook.sdk.core error 8.), null, null) flutter: #0 StandardMethodCodec.decodeEnvelope (package:flutter/src/services/message_codecs.dart:648:7) #1 MethodChannel._invokeMethod (package:flutter/src/services/platform_channel.dart:334:18) <asynchronous suspension> #2 FacebookAuthPlatformImplementation.getUserData (package:flutter_facebook_auth_platform_interface/src/facebook_auth_implementation.dart:84:20) <asynchronous suspension> #3 FacebookAuth.getUserData (package:flutter_facebook_auth/flutter_facebook_auth.dart:70:20) <asynchronous suspension>

Expected Behavior

I should be able to get user's data such as name, email and profile pic.

To Reproduce

String generateNonce([int length = 32]) {
  final charset =
      '0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._';
  final random = math.Random.secure();
  return List.generate(length, (_) => charset[random.nextInt(charset.length)])
      .join();
}  

final _auth = FacebookAuth.instance;

  void _authenticateUser() async {
    final nonce = generateNonce();

    final LoginResult result =
        await _auth.login(loginTracking: LoginTracking.limited, nonce: nonce);
    if (result.status == LoginStatus.success) {
      final accessToken = await _auth.accessToken;
      print(accessToken!.tokenString);
      // get the user data
      // by default we get the userId, email,name and picture
      final userData = await _auth.getUserData();
      print(userData);
      // get firstName and lastName
      final String name = userData["name"];
      final nameList = name.split(" ");
      // get email
      var email = userData["email"];
      //get profilePicture
      final picture = userData["picture"];
      final pictureData = picture["data"];

      // if email is null in Facebook ask for user's email
      if (email == null) {
        email = await _displayEmailDialog();
      }

      // create login parameters
      final params = {
        "first_name": nameList.first,
        "last_name": nameList.last,
        "id": userData["id"],
        "email": email,
        "photo_url": pictureData["url"],
        "access_token": accessToken?.tokenString
      };
      _loginUser(context, params);
    } else {
      print(result.status);
      print(result.message);
    }
  }

Relevant log output

No response

flutter doctor -v

[flutter] flutter doctor -v
[✓] Flutter (Channel stable, 3.22.1, on macOS 14.5 23F79 darwin-arm64, locale en-AU)
    • Flutter version 3.22.1 on channel stable at /Users/rohan/Development/flutter
    • Upstream repository https://github.com/flutter/flutter.git
    • Framework revision a14f74ff3a (3 weeks ago), 2024-05-22 11:08:21 -0500
    • Engine revision 55eae6864b
    • Dart version 3.4.1
    • DevTools version 2.34.3

[✓] Android toolchain - develop for Android devices (Android SDK version 34.0.0)
    • Android SDK at /Users/rohan/Library/Android/sdk
    • Platform android-34, build-tools 34.0.0
    • Java binary at: /Applications/Android Studio.app/Contents/jbr/Contents/Home/bin/java
    • Java version OpenJDK Runtime Environment (build 17.0.10+0-17.0.10b1087.21-11572160)
    • All Android licenses accepted.

[✓] Xcode - develop for iOS and macOS (Xcode 15.4)
    • Xcode at /Applications/Xcode.app/Contents/Developer
    • Build 15F31d
    • CocoaPods version 1.15.2

[✗] Chrome - develop for the web (Cannot find Chrome executable at /Applications/Google Chrome.app/Contents/MacOS/Google Chrome)
    ! Cannot find Chrome. Try setting CHROME_EXECUTABLE to a Chrome executable.

[✓] Android Studio (version 2023.3)
    • Android Studio at /Applications/Android Studio.app/Contents
    • Flutter plugin can be installed from:
      🔨 https://plugins.jetbrains.com/plugin/9212-flutter
    • Dart plugin can be installed from:
      🔨 https://plugins.jetbrains.com/plugin/6351-dart
    • Java version OpenJDK Runtime Environment (build 17.0.10+0-17.0.10b1087.21-11572160)

[✓] VS Code (version 1.90.0)
    • VS Code at /Applications/Visual Studio Code.app/Contents
    • Flutter extension version 3.90.0

[✓] Connected device (3 available)
    • Iphone8 (mobile)                • d9aeb9e01d035a78940cb44886629b5d45be02f9 • ios          • iOS 16.6 20G75
    • macOS (desktop)                 • macos                                    • darwin-arm64 • macOS 14.5 23F79 darwin-arm64
    • Mac Designed for iPad (desktop) • mac-designed-for-ipad                    • darwin       • macOS 14.5 23F79 darwin-arm64

[✓] Network resources
    • All expected network resources are available.

! Doctor found issues in 1 category.
exit code 0

Info.plist (iOS)

No response

Podfile (iOS)

No response

AndroidManifest.xml

No response

MainActivity.java

No response

MainActivity.kt

No response

index.html

No response

Info.plist (macOS)

No response

[mehedi4958]

I am facing the same problem here. However, it works fine in iOS simulators and iOS 17.5.1 (iPhone 14 pro) but, did not get user data in iOS 15.8.2 (iPhone 7) and iOS 17.4.1 (iPhone 15 pro max) real devices.

Got any solution? @rohnsht

[Alexspriet]

Same issue here!

[darwin-morocho]

I have recived this message from meta.

There have been changes made to the Facebook Login SDK for iOS that require your action.

As of late March, we have made changes to our iOS FBLogin SDK in response to the overall changes to iOS that will affect all iOS developers who utilize FBLogin. In order to avoid potential app disruption, we are recommending iOS developers to do one of the following, based on how their application is utilizing FBLogin: Developers currently using Limited Login and/or manual endpoints: Update the Facebook Login SDK to the most recent version and update any Limited Login endpoint domains within your application to the new Limited Login endpoint (as shown here). Developers not currently using Limited Login: We recommend you update the Facebook Login SDK to the most recent version, integrate Limited Login into your application, and update any Limited Login endpoint domains within your application to the new Limited Login endpoint (as shown here). Alternatively, you can update the Facebook Login SDK to the most recent version without integrating Limited Login into your application. However, if you do not integrate Limited Login, you will need to handle all Graph API calls using Graph API, iOS. Any Graph API, iOS calls that do not fall within these permissions will fail. Also, please note that the access token will not be valid. You can learn more about how to implement these changes here. You can also visit our FAQ for more information.

It seems I need to update the ios sdk to the lastest version.

I will try to do it in these days

[darwin-morocho]

https://developers.facebook.com/docs/facebook-login/limited-login/faq/

[deniza]

I encountered the same issue and discovered that the exception occurs only when my app has been granted app tracking permission and I use the default FacebookAuth.instance.login() function. This function uses the loginTracking parameter with the default value LoginTracking.limited. When I change the parameter to LoginTracking.enabled, everything works fine.

Therefore, if you are requesting app tracking permission (common if you are using ads) and the user has granted the permission, you should use LoginTracking.enabled.

If you do not want to check if app tracking is enabled, just use:

FacebookAuth.instance.login(loginTracking: LoginTracking.enabled)

This function triggers a limited login if tracking permission is not granted and the "normal" login if tracking is granted. I think LoginTracking.enabled should be the default parameter.

[DevineStar24]

If anyone know how to upgrade Facebook android sdk, Then please describe here in detail My sdk version is too low

i used implementation 'com.facebook.android:facebook-login:latest.release' inside android/app/build.gradle and in dependencies

[CrabMen]

same issue too

[CrabMen]

I faced this problem and have already solved it(i tested on the iOS version 15.4 and 17.4 and I tested both the scenarios of enabling and disabling ad analytics permissions separately . all work fine ). Friends who have the same problem can try to solve it in the following way:

1. add the Privacy - Tracking Usage Descriptionkey in the info.plist file by xcode ,if you use other ide you can also copy this into the info.plist file :

<key>NSUserTrackingUsageDescription</key>
	<string>the descrption why you use this privacy</string>

2. set the loginTracking with LoginTracking.enabled

await FacebookAuth.instance.login(loginTracking:LoginTracking.enabled)

5. flutter clean
6. flutter run

[DevineStar24]

I faced this problem and have already solved it(i tested on the iOS version 15.4 and 17.4 and I tested both the scenarios of enabling and disabling ad analytics permissions separately . all work fine ). Friends who have the same problem can try to solve it in the following way:

1. add the Privacy - Tracking Usage Descriptionkey in the info.plist file by xcode ,if you use other ide you can also copy this into the info.plist file :

<key>NSUserTrackingUsageDescription</key>
	<string>the descrption why you use this privacy</string>

2. set the loginTracking with LoginTracking.enabled

await FacebookAuth.instance.login(loginTracking:LoginTracking.enabled)

5. flutter clean
6. flutter run

I did exactly same, also try various login behavour, but getting issues, For me issue is not resolved even if enabled LoginTracking.enabled

[ambr89]

I've the same problem during

getUserData(fields: "name,email")

Got any solution? @rohnsht

[lukeirvin]

I'm always receiving invalid-credential on iOS

[toddmueller]

I faced this problem and have already solved it(i tested on the iOS version 15.4 and 17.4 and I tested both the scenarios of enabling and disabling ad analytics permissions separately . all work fine ). Friends who have the same problem can try to solve it in the following way:

1. add the Privacy - Tracking Usage Descriptionkey in the info.plist file by xcode ,if you use other ide you can also copy this into the info.plist file :

<key>NSUserTrackingUsageDescription</key>
	<string>the descrption why you use this privacy</string>

2. set the loginTracking with LoginTracking.enabled

await FacebookAuth.instance.login(loginTracking:LoginTracking.enabled)

5. flutter clean
6. flutter run

I did exactly same, also try various login behavour, but getting issues, For me issue is not resolved even if enabled LoginTracking.enabled

I followed the steps people used successfully, but like you, I still get the same message. Were you able to resolve the issue?

[SaimSaudagar]

So it took me while to understand this, I did a littl digging and found they have updated how the token works.

Reference link: https://developers.facebook.com/docs/facebook-login/limited-login/token/validating

Flutter code to decode the token and get the user data:

  final parts = jwtToken.split('.');
  if (parts.length != 3) {
      print('Invalid token');
      return;
  }
  final header = _decodeBase64(parts[0]);
  final payload = _decodeBase64(parts[1]);

  print('Header: $header');
  print('Payload: $payload');

  final email = payload['email'];
  final fullName = payload['name'];
  print('Email: $email');
  print('Name: $fullName');

Decode base64 function:

  Map<String, dynamic> _decodeBase64(String str) {
    String normalized =
        str.padRight(str.length + (4 - str.length % 4) % 4, '=');
    final decodedBytes = base64Url.decode(normalized);
    return jsonDecode(utf8.decode(decodedBytes));
  }

Hope this helps!

Reference from the link:

[DevineStar24]

Hii @SaimSaudagar, I appreciate your efforts but, it's not workin.

I have used both limited and enabled login track but I am getting token like this

EAAKb2l9hNPgBOwGQvkCO8xifdsk4e9ZBIzCCiGvzHeNltrZCLppQv2B5Tpf1iP3Ng4vz7dT6oZAdnpU0GxPxlNTf3fKoewCrr2qXTtdHSRsRus339YGK5gLRytNTihAT4OCXZAXLVAV2CZAZAwZCG3gWs4*ApXFpyopVdtFpQLk8fBw3yeas3pB5cjtpx0wx26IWZAnQabo**************X6lZAjJDwl8RCNZA8kZD

not validating here final parts = jwtToken.split('.'); if (parts.length != 3) { print('Invalid token'); return; }

I am trying Facebook login with these permissions.

     "public_profile",
      "email",
      "openid",
      "pages_show_list",
      "business_management",
      "instagram_basic",
      "pages_manage_engagement",
      "pages_read_engagement",
      "pages_manage_posts",
      "instagram_content_publish",
      "instagram_manage_insights"

[youdianfan]

@DevineStar24 @rohnsht

If the user has not granted IDFA permission, calling await FacebookAuth.instance.getUserData() will result in the error (com.facebook.sdk.core error 8.). Therefore, do not call getUserData if the user hasn't authorized IDFA.

To retrieve Facebook user information, you can instead use a backend service to handle it — pass the access token to your server and let the backend parse the user info or call the appropriate Facebook API directly.

---

Explanation of the Facebook Login error:

Due to Apple’s privacy policy — specifically the App Tracking Transparency (ATT) framework — the Facebook SDK on iOS introduces a Limited Login mode. The SDK automatically switches login behavior based on whether the user has granted IDFA (App Tracking) permission.

After investigating the Facebook Login SDK source code and behavior, we found:

1. When the user does not grant IDFA permission (i.e., denies App Tracking), the Facebook SDK automatically enables Limited Login mode. In this mode:

   • The login result does not return an AccessToken (i.e., token == nil);
   • Instead, it returns an AuthenticationToken, which is only used for identity verification (not for accessing APIs);
   • Calling getUserData in this mode will fail or return empty data, and may result in an error.

2. For users in Limited Login mode, user information parsing and login verification must be handled on the backend:

   • Use the AuthenticationToken and nonce returned by the SDK;
   • Follow the OpenID Connect flow to validate the token with Facebook servers and retrieve user info;
   • If the user refuses IDFA authorization, the app must proceed via Limited Login, and the backend must handle the AuthenticationToken accordingly.

For more detailed information and implementation guidance, please refer to the official Facebook documentation: https://developers.facebook.com/docs/facebook-login/limited-login

---

    LoginTracking tracking = LoginTracking.enabled;
    final status = await AppTrackingTransparency.trackingAuthorizationStatus;
    if (Platform.isIOS) {
      if (status != TrackingStatus.authorized) {
        tracking = LoginTracking.limited;
      }
    }
    final LoginResult result = await FacebookAuth.instance.login(
      permissions: ['email', 'public_profile'],
      loginBehavior: LoginBehavior.nativeWithFallback,
      loginTracking: tracking,
    );
    if (result.status == LoginStatus.success) {
      final AccessToken? accessToken = result.accessToken;
      print("accessToken: ${accessToken?.tokenString}");
    }