The "state" param from the URL and session do not match

facebook login sdk state param
Pedro Henrique picture Pedro Henrique · Jul 10, 2015 · Viewed 31.8k times · Source

In facebook documantion 

require('include/facebook/autoload.php'); //SDK directory
$fb = new Facebook\Facebook([
'app_id' => '***********',
'app_secret' => '***********************'
]);

$helper = $fb->getRedirectLoginHelper();
$permissions = ['email', 'public_profile']; // optional
$loginUrl = $helper->getLoginUrl('http://www.meusite.com.br/login-callback.php', $permissions);

When direct it to the url $loginUrl, the return is: Facebook SDK returned an error: Cross-site request forgery validation failed. The "state" param from the URL and session do not match

Answer

tasmaniski picture tasmaniski · Aug 6, 2015

I had the same error.

The problem occurred because I did getLoginUrl(...) before getAccessToken()

So rid of getLoginUrl(...) in redirected URL and code should works.

Related questions

Error compile in "Use Facebook Login example"

I'm trying to create the Login Application in this tutorial: I'm getting this error in my logcat: 11-22 15:57:53.863: E/AndroidRuntime(816): com.facebook.FacebookException: Cannot use SessionLoginBehavior SSO_WITH_FALLBACK when com.facebook.LoginActivity is not declared as an activity in …

Read More
Given URL is not allowed by the Application configuration

I am trying to create facebook sign-in page according to this tutorial. I only changed the two lines appId : '370675846382420', // App ID channelUrl : '//http://bp.php5.cz/channel.html', // Channel File and I get the following error Given …

Read More
Facebook login "given URL not allowed by application configuration"

I've added facebook login to my site. However, when I click the button, I get a red box that says: Invalid Argument Given URL is not allowed by the Application configuration. If I continue to login then I get: API …

Read More