Facebook says to my users, during the app authentication popup, that I (my app) will receive the user's
[My app] will receive the following info: your public profile, friend list, email address and birthday.
even though my login button is only:
The documentation says
A user access token with
user_friends permission is required to view the current person's friends.
but I didn't ask for
user_friends. How do I prevent it from saying "friend list" so as not to scare away my users?
Best How To :
user_friends permission is part of the "Basic Permissions" or "Basic Info" - i.e. those permissions which are included by default when a user connects to your application.
From the FB docs on this:
Basic info is part of every request for permissions. It includes several elements from a person's public profile and a list of their friends.
A user's friends can individually control if they want their information available to the applications of friends by adjusting their own privacy settings.
Since this is the default behaviour, I think that if your users are accustomed to using Facebook applications then they will not be scared away by this - if they have installed an application before then they will have seen this before.
Unfortunately, at the moment you cannot prevent it from saying friend list.