Facebook today launched an improved version of its Auth Dialog available and announcing the migration plan for developers. Over the past few months, Facebook has been testing and iterating on the new Auth Dialog to incorporate feedback from users, developers, and other third parties. On February 1, 2012, all apps will get the improved dialog. Those that haven't fully configured their dialog can disable the setting in the Developer App until February 15, at which time it will be turned on for all apps.
The new design aims to make users more comfortable with installing apps, especially those who previously got frustrated with apps taking actions on their behalf or those who avoided apps in general when they saw the dialog. As you can see in the screenshot above, the new design has a clear headline and description, an About This App" section, a "Who can see activity from this app on Facebook" section, and a "Using this app requires" section.
The new Auth Dialog is starting to rolling out today for Web, mobile, and desktop apps. You, the developer, can start using it in your app by enabling the "Enhanced Auth Dialog" setting in the Developer App. When you upgrade to the new dialog, update your headline and description via the Developer App and verify that your apps don't break if users deny optional permissions – see the following tutorial, How-To: Handle Revoked Auth Permissions.
Facebook lists the following improvements for the new Auth Dialog:
More Control & Clarity for Users: the new, inline privacy setting allows a user to control who can see their app activity on Facebook. With this setting, people can share their app activity with as large or small an audience as they'd like. Headline and description areas have been added so developers can help people learn about their apps before installing them. There is also a new area of the dialog to let people know when they're installing a Timeline app, which will share their activity in the app on Facebook.
Optional Permissions: extended permissions (such as "publish_stream" and "create_events") have been moved to a second screen so they're easier to review. Facebook is also making them optional for users, and lets developers explain why they are requesting them. The 'offline_access' permission is being deprecated and developers are being given a method to reset the expiration time for valid, existing access tokens when a user interacts with their app. As a result, developers utilizing this permission will have until May 1, 2012 to update their apps (see Deprecation of Offline Access Permission).
Authenticated Referrals: if you're building a social app, where all of your users are Facebook users, this new product will streamline the authentication process. By enabling the feature, the permissions dialog will be displayed inline when people click any link to your app on Facebook, enabling you to personalize people's experiences the moment they arrive at your app.
"By introducing new ways for people learn about an app and giving them more control over their data, we believe this update will benefit both users and developers," a Facebook spokesperson said in a statement. "We appreciate the feedback we've received during the development of the new dialog over the past few months."
In summary, the new Auth Dialog is meant to improve privacy and be clearer to the social network's users. It also has a few advantages for developers as they have more room to convince users to install their app. It's hardly a coincidence that this is being announced today. See my post What is Facebook announcing on January 18, 2012? for more information (the name of the app in the screenshot above further confirms it).