Hi!
I’m looking for information to implement my hotspot login with facebook like .
I know that facebook has developed an application itself, but it works only for some devices ( really expensive in my area 
) .
I have tried many of the solutions I 've found on the web but no results.
Can they help ?
Sorry for my horrible English, but only use Spanish.
Tnx
You would have to somehow implement a facebook to radius solution. Unfortunately, that is outside the scope of the mikrotik forums.
Once that is done, simply point the mikrotik aaa to that radius server.
Facebook never shares your password with 3rd party apps, and apps don’t enter the credentials themselves either, so a RADIUS-to-Facebook is theoretically impossible.
What IS possible is that you create temporary users to login with if users have successfully logged in with Facebook.
To do that, create a web server with PHP (so a separate device; or if your router has GBs of memory, make a VM), register it as an app, and on the hotspot login page, add a special link to facebook that will redirect users back to the web server… At the web server, if authentication was successful, you can add a temporary hotspot/RADIUS user in some fashion (e.g. the API protocol; or in the case of FreeRADIUS - by MySQL access), and redirect back to the router with the temporary username and its password attached to the login page’s URL. Remove said user on logout.
There aren’t really any “premade” solutions, as all of these components are all pre-existing (you have Facebook’s PHP SDK, RouterOS API clients, MySQLi extension…), yet need to be carefully orchestrated in the above fashion.
Actually, there are a lot of non-facebook services that use facebook as a login. The router never needs to know the password, and neither does the radius server.
Facebook has a developers API just for this:
Right. That’s kind of what I said… I’m talking about this very API. Except that the router/radius server not only doesn’t need - it can’t - know the password. It can’t even receive it, as a means to then forward it.
I’m saying this, as in your first reply, you said:
Which implies the RADIUS server would receive the Facebook username and password, then check up with Facebook to see whether they are correct, and tell the router to proceed on success. THAT is not possible. The Facebook API doesn’t work that way.
Apps never receive the username and password. They redirect to Facebook. Facebook receives the username and password, after which it redirects back to a URL, dictated by the app. See the very documentation you’re linking to.