Facebook today introduced an updated version of its app permissions dialog that makes it clearer what an app will do, what information it can access and who it shares activity with after being installed. According to a post on the company’s Developer Blog, the new dialog will be mandatory for all apps on Feb. 15.
As the social network prepares to expand the number of Open Graph apps that can continuously publish to Ticker, News Feed and Timeline, it is taking steps to help users feel comfortable adding them. Old versions of the Auth Dialog were vague and did not provide inline controls. Many users either allowed permissions they didn’t understand and subsequently got frustrated with apps taking actions on their behalf, or they avoided adding apps all together. The new design aims to alleviate this with clear sections “About this app,” “Using this app requires” and “Who can see activity from this app on Facebook.”
Users can adjust their privacy settings for the app directly from the permissions window. Although this may lead some users to limit the groups of people it shares app activity with, it is ultimately good for the platform to provide these controls. An all-or-nothing approach could lead to backlash and impede growth.
When developers ask for extended permissions, these will show in a second dialog with the option for users to deny individual requests. Facebook is providing a section of this window to explain why the app is requesting the permissions. This is an improvement over the old dialog, which could turn off some users who did not understand why an app might want to access their photos or manage their events.
The social network revealed a similar version of the Auth Dialog for Timeline apps at f8 in September. One difference with this update is the lack of visuals. As seen below, Facebook had previously tested a permissions box that included examples of how the app would appear on a user’s profile.
Facebook also announced that it will deprecate the offline access permission. This was one of the most difficult permissions for users to understand. Eliminating it as a specific request could improve an app’s accept rate. Facebook said it will provide developers an alternative way to reset the expiration time for valid, existing access tokens. Developers who had been using the offline access permission will have until May 1 to update their apps.
A version of the old Auth Dialog, including the offline access request, is seen below. Note how unlike with the new dialog, none of the language is customized for the app.