Over the years, Facebook has dabbled with a bunch of different ways of apps requesting/handling user permissions and data.
This is not, actually, the first time Facebook has enabled this level of granularity, as far as users being able to grant permissions piecemeal.
It used to be (not sure if it still is) that an app could request one permission here, one permission there, at various points in its application flow. But with each request (in which you could bundle a bunch of different permissions) it was either an "all or none" decision for the user.
This new approach just makes things a little easier, because you can present all of the permissions and data request up front and let the user pick and choose what should be granted.
I think this Facebook thing is really going to take off one day.
IME when logging in via Facebook, I can choose to not allow that site to have the ability to do certain things (like not post to my wall etc)
I also develop an application that uses Facebook login, and we (using django-social-auth) request one set of permissions initially, and request more later if the user wants to do advanced stuff.
This is not, actually, the first time Facebook has enabled this level of granularity, as far as users being able to grant permissions piecemeal.
It used to be (not sure if it still is) that an app could request one permission here, one permission there, at various points in its application flow. But with each request (in which you could bundle a bunch of different permissions) it was either an "all or none" decision for the user.
This new approach just makes things a little easier, because you can present all of the permissions and data request up front and let the user pick and choose what should be granted.
I think this Facebook thing is really going to take off one day.