Configure Facebook SSO (OAuth 2)

This guide explains how to configure Single Sign-On (SSO) using Facebook via the OAuth 2.0 protocol.

SSO is available on the Baserow Advanced and Enterprise plan. You must have a valid license activated to configure these settings.

Overview

The Facebook SSO integration allows users to log in to Baserow using their existing Facebook credentials.

To set this up, you must register a “Meta App” in the Facebook Developers portal and connect it to your Baserow instance using the App ID and App Secret.

Facebook SSO setup in Baserow

Prerequisites

  • Baserow: You must be an Instance Admin on a self-hosted plan.
  • Facebook: To create an app with Meta, you must first register as a developer and be logged in to your developer account.

Phase 1: Create a Meta App

  1. Log in to the Meta for Developers Portal.
  2. Click Create App.
  3. App details:
    • App name: Enter Baserow.
    • App contact email: Enter your administrator email. Click Next.
  4. Use cases: Select one or more use cases for your app. You can add additional, compatible use cases now or at any time during development. Click Next.
  5. Business: Connect a verified business portfolio to your app to get access to third-party user and business data from other business portfolios and publish this app. Click Next.
  6. Publishing requirements: Your app might need to complete certain requirements, such as App Review, to get and maintain data access for your app’s use cases. Click Next.
  7. Review your app’s details, use cases, connected business, and requirements. If you need to make any changes, you can click App details, Use cases, Business, or Requirements at the top of the page or the Previous button in the lower-right.
  8. Click Go to dashboard to finalized the app creation process.

You are redirected to the dashboard and can now customize each use case you’ve selected for your app.

Create a Meta App for Baserow

Phase 2: Configure Facebook Login

You need to tell Facebook where to redirect users after they log in.

  1. Get Baserow Callback URL:
    • Open a new tab. Go to Baserow Admin tools -> Authentication -> + Add Provider -> Facebook.
    • Copy the Callback URL displayed in the modal (e.g., https://baserow.yourdomain.com/api/sso/oauth2/callback).
  2. Add Facebook Login product:
    • In the Facebook App Dashboard, locate the “Add a product” section.
    • Find Facebook Login and click Set up.
    • Select Web as the platform.
  3. Configure settings:
    • In the left sidebar, go to Facebook Login -> Settings.
    • Locate the field Valid OAuth Redirect URIs.
    • Paste your Baserow Callback URL.
  4. Click Save changes.

Learn more: Get Baserow Callback URL

Configure Facebook Login for Baserow SSO

Phase 3: Basic settings & live mode

  1. In the sidebar, go to App Settings -> Basic.
  2. App Domains: Enter your Baserow domain (e.g., baserow.yourdomain.com).
  3. Privacy Policy URL: Enter a valid URL.
  4. Site URL: Scroll down to the “Website” section (click “Add Platform” -> “Website” if not visible) and enter your Baserow homepage URL.
  5. Click Save changes.
  6. Go live: Toggle the switch at the top of the screen from Development to Live.

Basic settings & live mode in Facebook

Phase 4: Connect Facebook to Baserow

  1. Stay on the App Settings -> Basic page.
  2. Copy the App ID.
  3. Click “Show” and copy the App Secret.
  4. Return to Baserow:
    • In the Add Facebook Provider modal.
    • Name: Enter Facebook.
    • Client ID: Paste the App ID.
    • Secret: Paste the App Secret.
  5. Click Save.

Troubleshooting & common issues

Error: “URL Blocked: This redirect failed because the redirect URI is not whitelisted”

This means the Callback URL in Baserow does not match what you put in Facebook’s “Valid OAuth Redirect URIs”.

  • Check: Did you include https://?
  • Check: Did you inadvertently add a trailing slash / in one place but not the other?

App Mode (Development vs. Live)

If you can log in but your colleagues cannot, check the App Mode toggle at the top of the Facebook dashboard. If it is in Development mode, only administrators of the Facebook App can log in. Switch it to Live for general access.

Frequently Asked Questions (FAQ)

Can I map Facebook Groups to Baserow roles?

No. Baserow supports Just-In-Time (JIT) provisioning, which creates the user account upon login. However, it does not sync Facebook group memberships or roles. You must manually assign roles in Baserow (e.g., Admin vs. Editor) after the user logs in.

Do I need to submit my app for App Review?

Generally, no. If you only use the default email and public_profile permissions for SSO, you do not need to go through the full App Review process for “Business” verification, provided you have verified your business status in the settings.

Related content

Still need help? If you’re looking for something else, please feel free to make recommendations or ask us questions; we’re ready to assist you.