Reset Search



How To Configure Facebook Guest Registration in NAC

« Go Back


TitleHow To Configure Facebook Guest Registration in NAC
Leverage Facebook login credentials to register guests in NAC
  • All NAC platforms
  • Facebook
  • Guest Registration
  • Captive Portal
When implementing Guest Registration using Facebook, you must first create a Facebook application. This generates an Application ID and Application Secret that are required as part of the NAC "OAuth" process. Use the following steps to create a Facebook application:
1. Access the Facebook Developers page at If you already have a Developers account you can log in, otherwise you must create a Developers account.
Once logged in, click the Add New App button to open the Create a New App dialogue.

User-added image

2.  The Add New App window opens. Choose basic setup at the bottom of this screen.

User-added image

3.  Enter a Display Name and select a category for your app. The Display Name is the name of the app that will be presented to the end-user when they grant NAC access to their Facebook information and should clearly indicate what its purpose is, for example, Extreme Networks Guest Registration. Click Create App ID.

User-added image

4.  The Dashboard view opens and displays information about the new app including an App ID and an App Secret.

User-added image

5.  In the left panel, select Settings.
Enter in a valid domain name for the NAC Appliances in the App Domains field in the right-panel Basic tab. For example, if the NAC Appliance to which users are connecting is, enter "" in the App Domain field.

User-added image

6.  Enter a Contact Email.
7. Click Add Platform.
Enter the domain name you added in the App Domain field in step 5 in the Site URL field.
8.  Select Website in the Add Platform options. The Platform window opens.

User-added image

9. Enter the domain name you added in the App Domain field in step 5 in the Site URL field.
10.  Click Save Changes.
11.  Click Add Product

User-added image

12.  Select Facebook Login then click Get Started.

User-added image

13.  Enter the Valid OAuth redirect URIs. A redirect URI is required to redirect the user back to the appliance with an Access Token that NAC uses to access the user account and retrieve the user data. The Redirection URI should be in the following format:

https:// <NAC appliance FQDN>/fb_oauth

A Redirection URI must be added for each NAC appliance where end users can register via Facebook.

Scroll down and click Save Changes.

14.  In the left panel, select App Review. In the right-panel you will see a top section with the question "Do you want to make this app and all its live features available to the general public?" Select Yes and confirm your selection.

Under the Approved Items / Login Permissions section, you will see a list of default permissions that provide access to end user data. (For more information on setting permissions, see 

User-added image

15. Your application is created and ready to use. You must now add the App ID and App Secret to your NAC portal configuration.

Configure NAC Manager 

The Application ID and Application Secret assigned during the creation of the Facebook application must be provided in the NAC Portal Configuration in order for the entire process to complete properly.
  1. Use the NAC Manager toolbar button to open the NAC Configuration window.
  2. In the left-panel tree, expand the Portal icon and select Guest Registration.

    User-added image
  3. In the Customize Fields section, click the "change" link to open the "Manage Custom Fields" window where you can change registration portal fields. Facebook registration uses only the First Name, Last Name, and Email Address fields, and the Display Acceptable Use Policy (AUP) option. All other fields only apply to regular guest registration. If the Display AUP option is selected, the captive portal will verify that the AUP has been acknowledged before redirecting the user to Facebook.
  4. Select the Facebook Registration checkbox.
  5. Enter the Facebook App ID and Facebook App Secret.
  6. Click Save. You will see some warnings messages stating that Verification Method and Sponsorship are not used for Facebook registration, and that an FDQN is required and will be enabled.
  7. Enforce the new configuration to your appliances.
How Facebook Registration Works

Once you have configured Facebook registration using the steps above, the registration process will work like this:
  1. The end user attempts to access an external Web site. Their HTTP traffic is redirected to NAC’s captive portal.
  2. In the Guest Registration Portal, the end user selects the option to register using Facebook.
  3. The end user is redirected to the Facebook login. If Acceptable Use Policy option is configured, the captive portal will verify that the AUP has been acknowledged before redirecting the user to Facebook.
  4. Once logged in, the end user is presented with the information that NAC will receive from Facebook.
  5. The end user grants NAC access to the Facebook information and is redirected back to NAC's captive portal where they see a "Registration in Progress" message.
  6. Facebook provides the requested information to NAC, which uses it to populate the user registration fields.
  7. The registration process completes and network access is granted.
  8. The word "Facebook" is added to the user name so that you can easily search for Facebook registration via the Registration Administration web page.

Special Deployment Considerations

Please read through the following deployment consideration prior to configuring Facebook Registration.

Networks Using DNS Proxy

Facebook Registration for networks redirecting HTTP traffic to the NAC captive portal using DNS Proxy requires additional configuration.
In order for Facebook Registration to work properly with DNS Proxy, all domains/URLs necessary to properly load the Facebook web page must be added to the Allowed URLs/Allowed Domains section of the captive portal configuration. Otherwise, the NAC appliance will resolve DNS queries for these components to the NAC appliance IP causing the page to not load properly.
As of July 26, 2014, you must add the following domains in order for Facebook registration to work with DNS Proxy. These domains are subject to change and may vary based on location.
Additional notes




Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255