Facebook login error - migration to SFA

Please provide the following details too when asking for help in this category:

  • SDK Version: @web3auth/single-factor-auth": ^6.0.0
  • Verifier Details:
    • Verifier Name: root-facebook-verifier

We recently migrated to SFA login from PnP no modal SDK. We were able to successfully migrate our google verifier & custom verifier we created. But we are facing a blocker while doing the same for our facebook verifier. For SFA to work we created the manual login flow suggested by facebook to get the id_token

But after successful login when we are passing this id_token to create the web3auth session an error is getting thrown saying

Uncaught (in promise) Error: Error occurred while verifying paramsBad signature
    at eval (torusUtils.esm.js:78:1)
    at <anonymous>

Any idea how to get around this issue? This has something to do with facebook authentication web3auth is performing in PnP flow & and the facebook authentication we are using now. Please provide more info on this:

Thanks in advance

1 Like

Hey @shahbaz, could you please help us with this one?

Hey @vishnu.rk

For this to work, you would have to create a custom verifier with Facebook’s jwks. As you’re passing, the id_token has already been returned from Facebook. And using that jwks, we will verify the id_token passed through SFA to us using that jwks.

I haven’t tried this, but if you’re aren’t able to find the jwks for Facebook from their portal, the other approach would be to go via Auth0 and use the Facebook login from there.

Yes, this should work and we already thought about this.

  1. But wouldn’t creating a new verifier mean that web3auth will be creating a new wallet for an already existing user on our platform?
  2. Is it possible to use SFA along with old facebook verifier?

Also we are curious why this is different from google social login which we were able to successfully migrate to SFA. Is the id_token in the case of facebook social login issued by a different JWT provider like auth0 or firebase?

1 Like

Hey @shahbaz,

Could you please clarify the things mentioned in the previous comment as well?
We are kind of blocked on this issue and want to make a decision as soon as possible based on your reply.


1 Like

Yes, that’s true.

I think we have an option here, let me confirm with the team internally first.

What steps you took to migrate this?

We built the google login flow at our end and used the idToken received after the google login to create a new web3auth session in the old google social login verifier

Okay thanks, please let us know at the earliest @shahbaz

Hey @shahbaz Any updates on this ?

@shahbaz Please provide an update to this, please let is know if what we are doing is not possible

Hi @vishnu

Thank you for bringing this to my attention. I have shared the matter with the team and will keep you informed of any updates.

Hey @vishnu

Is this resolved?

Meanwhile, we have updated the package to 7.0.1.


Also, we are running monthly community calls. If your issue remains unresolved, please join the call, and we can address it together.
Register https://w3a.link/community-call.