I have a web system in which I capture the user id of Facebook and store it in the database for later use, I am currently calling via the SDK and the command by hidden field (low security method).
Would you like to know if I can enter this information (the id) in some more secure way?
The recommended way is to follow the authentication flow set by Facebook, so they ensure the "secure way ". But I imagine you are authenticating with Facebook's api on the front, picking up the user's data (id) and sending it to the server.
Another way to do this would be to send a request ( Required Https ) by passing the accessToken you got on the front, and in the backend revalidate that token and get the user data through api again.
