How safe is Facebook integration in ONLYOFFICE Workspace

2 June 2021 By Nadya 0 83 views
Share

Hello!

We got some questions on how we use Facebook in ONLYOFFICE and whether we pass any of our users’ data to it. You’ll find the answers in this post.

How safe Is Facebook integration in ONLYOFFICE Workspace

Does ONLYOFFICE Workspace include Facebook trackers?

No, ONLYOFFICE Workspace does not collect any data — we don’t use any activity trackers such as Facebook analytics. We don’t use any other Facebook SDK either.

How Facebook is used?

There are 3 main purposes:

  • login via Facebook,
  • sharing links to portal content,
  • sharing a portal invitation link.

Is authentication via Facebook safe?

In ONLYOFFICE Workspace, we do use oAuth from Facebook.

Logging into Facebook and obtaining an access code is performed in a separate window. After that, the portal gets an access token and your Facebook profile is requested and linked to your ONLYOFFICE account.

No information is transmitted from the portal to Facebook during this process. See source code

How to disable Facebook authentication?

Logging in via Facebook can be enabled and disabled in the self-hosted version of ONLYOFFICE Workspace: Services -> Integration -> Third-party Services.

How safe Is Facebook integration in ONLYOFFICE Workspace

More information can be found in our Help Center.

In the cloud version, logging in via Facebook is enabled by default for paid tariffs.

Is sharing links and inviting people via Facebook safe?

In both cases, ONLYOFFICE uses a mechanism for posting to a user’s Facebook profile. However, no Facebook scripts or SDK are used. We only insert a link: https: //www.facebook.com/dialog/feed?.

You can check our source code for both cases:

How safe Is Facebook integration in ONLYOFFICE Workspace

How safe Is Facebook integration in ONLYOFFICE Workspace

My safety addon warns me that ONLYOFFICE uses Facebook. What do I do?

Such add-ons as Facebook Container for Firefox detect links to Facebook in the HTML code. We explained it above that this is safe and no data is passed to Facebook.

You can also check it yourself:

  • Open the browser console.
  • Check the request addresses in the Network tab: there will be no Facebook domain.
  • Check the page HTML code: there will be a link to Facebook. It is safe.

Add a comment