diff --git a/src/Security/Authentication/Facebook/src/FacebookDefaults.cs b/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
index 51e4e60c916f..cec9098ed140 100644
--- a/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
+++ b/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
@@ -24,16 +24,16 @@ public static class FacebookDefaults
///
/// For more details about this endpoint, see https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#login.
///
- public static readonly string AuthorizationEndpoint = "https://www.facebook.com/v8.0/dialog/oauth";
+ public static readonly string AuthorizationEndpoint = "https://www.facebook.com/v11.0/dialog/oauth";
///
/// The OAuth endpoint used to retrieve access tokens.
///
- public static readonly string TokenEndpoint = "https://graph.facebook.com/v8.0/oauth/access_token";
+ public static readonly string TokenEndpoint = "https://graph.facebook.com/v11.0/oauth/access_token";
///
/// The Facebook Graph API endpoint that is used to gather additional user information.
///
- public static readonly string UserInformationEndpoint = "https://graph.facebook.com/v8.0/me";
+ public static readonly string UserInformationEndpoint = "https://graph.facebook.com/v11.0/me";
}
}
diff --git a/src/Security/Authentication/test/FacebookTests.cs b/src/Security/Authentication/test/FacebookTests.cs
index 6b2d1b71a38c..638e6debedfc 100644
--- a/src/Security/Authentication/test/FacebookTests.cs
+++ b/src/Security/Authentication/test/FacebookTests.cs
@@ -233,7 +233,7 @@ public async Task NestedMapWillNotAffectRedirect()
var transaction = await server.SendAsync("http://example.com/base/login");
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v8.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
Assert.Contains("response_type=code", location);
Assert.Contains("client_id=", location);
Assert.Contains("redirect_uri=" + UrlEncoder.Default.Encode("http://example.com/base/signin-facebook"), location);
@@ -266,7 +266,7 @@ public async Task MapWillNotAffectRedirect()
var transaction = await server.SendAsync("http://example.com/login");
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v8.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
Assert.Contains("response_type=code", location);
Assert.Contains("client_id=", location);
Assert.Contains("redirect_uri=" + UrlEncoder.Default.Encode("http://example.com/signin-facebook"), location);
@@ -301,7 +301,7 @@ public async Task ChallengeWillTriggerRedirection()
var transaction = await server.SendAsync("http://example.com/challenge");
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v8.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
Assert.Contains("response_type=code", location);
Assert.Contains("client_id=", location);
Assert.Contains("redirect_uri=", location);