This error indicates that there is a missing domain(s) that needs to be added to the Client OAuth Settings in your Facebook Developer app (login or setup your account at You'll need to verify that the whitelist includes all possible domains used by your organization to host social login or sharing, including secure (https) and nonsecure (http) domains. To accomplish this, follow the steps below.
  1. From your Facebook Developer account, pull up the appropriate app (My Apps>select your app)
  2. Click Settings from the left navigation bar
  3. Under the Website section, make sure that your Janrain Engage app domain is listed under Site URL (ex. and not your Luminate or organization's website
  4. Make the appropriate changes if applicable and click Save Changes
  5. Next, click the Advanced tab at the top of the page
  6. Scroll down to the Client OAuth Settings section
  7. Under Valid OAuth redirect URIs, enter your Janrain Engage app domain plus /facebook/callback (ex. along with your frontend Luminate Online domain.
  8. Scroll down and click Save Changes