diff --git a/lib/modules/facebook.js b/lib/modules/facebook.js
index 9857cfee..1e168b07 100644
--- a/lib/modules/facebook.js
+++ b/lib/modules/facebook.js
@@ -1,5 +1,7 @@
 var oauthModule = require('./oauth2')
-  , url = require('url');
+  , url = require('url')
+  , crypto = require('crypto')
+  , qs = require('querystring');
 
 var fb = module.exports =
 oauthModule.submodule('facebook')
@@ -39,11 +41,19 @@ oauthModule.submodule('facebook')
 
   .fetchOAuthUser( function (accessToken) {
     var p = this.Promise();
-    var fieldsQuery = "";
+    var params = {};
     if (this._fields && this._fields.length > 0){
-        fieldsQuery = "?fields=" + this.fields();
+        params.fields = this.fields();
     }
-    this.oauth.get(this.apiHost() + '/me' + fieldsQuery, accessToken, function (err, data) {
+    
+    if (this._appSecret && accessToken) {
+      var hmac = crypto.createHmac('sha256', this._appSecret);
+      hmac.update(accessToken);
+      params.appsecret_proof = hmac.digest('hex');
+    }
+    
+    var query = '?' + qs.stringify(params);
+    this.oauth.get(this.apiHost() + '/me' + query, accessToken, function (err, data) {
       if (err) return p.fail(err);
       var oauthUser = JSON.parse(data);
       p.fulfill(oauthUser);