Ask HN: Is “sign in with Facebook” dead for indie developers?

  • Could you switch to just using passkeys instead of Google, Apple, or Facebook federated identity? This eliminates the risk of storing passwords, and also doesn't create a dependency on one of the companies mentioned. You'll still need to store username, email, or both, depending on your use case. You can also create a code path that will transition accounts from federated identity to self-hosted with passkeys as well.

    https://passkeys.dev/docs/tools-libraries/libraries/

    https://passkeys.directory/

    https://www.corbado.com/blog/user-transition-passkeys-expert...

  • Same here.

    For transparency reasons I will also be listing Mark Zuckerberg's phone, postal and residence address on our contact page (100% of the support requests we get are about Facebook problems anyway).

  • It depends on what level of access you want. My app just uses basic verification - I get to see the user's name, Facebook ID number, and photo. That's it.

    I don't have to provide any of my personal data as a developer to Facebook. I do have to provide a privacy policy. I haven't received a similar email to you.

    As that blog post says, Business Verification is required for "Advanced Access".

    So, if you can, change the level of access that you need. If all you're using Facebook for is an identity provider, see if you can drop the number of permissions you're requesting.

    If that fails, get a cheap disposable SIM and use that as your phone number for Facebook verification.

  • Every year in September / October an FTC compliance push happens - and your product will get randomly flagged and disabled by AI.

    This year, there’s gonna be even fewer humans to correct the madness. Not having FB login is a mercy, not a mistake.

  • I don't know what country you are in, but if you are concerned about a phone number and postal address, there are myriad ways to obtain both of those which can effectively obscure your location and identity.

      * Get a Google Voice or other VoIP provider.
    
      * Get a burner cell phone.
    
      * Get a business account with your PSTN provider and run an Asterisk PBX or something.
    
      * Obtain a PO Box at your US Postal Service, UPS Store, or an independent provider of boxes.
    
      * Identify a coworking space where you can receive postal mail, and use its address.
    
    Since you are a business, (you are a business, or just an "indie developer"?) then you should be able to establish business-class accounts in this manner and satisfy Facebook's requirements. They do not seem overly onerous.

  • This may be what you're looking for.

    Something like OAuth2 or OIDC "Permission Scopes" -- the permissions that a user can grant your app, just prior to their accepting the log in via that particular social-media authentication provider.

    https://developers.facebook.com/docs/permissions/reference/

    Here are examples:

    https://www.loginradius.com/blog/engineering/facebook-authen...

  • > Anyone with an experience with this? I don't want my address and/or phone number publicly visible, so what are my options here?

    Depending where you are, you may already be required to share this information, for example any business here in the UK must have their company registration number, registered office address, and contact (email and post) details, on any website.

  • I would remove the FB option, maybe add some other services (like Discord or Twitch or whatever) just to offer different options.

  • Yeah, and to sign in with Apple on your website, you MUST have an iOS app in the App Store, i.e. pay $99 a year.