diff --git a/Config.js b/Config.js
index b9ede8db..df44f8b1 100644
--- a/Config.js
+++ b/Config.js
@@ -20,6 +20,7 @@ function Config(applicationId, mount) {
   this.dotNetKey = cacheInfo.dotNetKey;
   this.restAPIKey = cacheInfo.restAPIKey;
   this.fileKey = cacheInfo.fileKey;
+  this.facebookAppIds = cacheInfo.facebookAppIds;
   this.mount = mount;
 }
 
diff --git a/README.md b/README.md
index d82beb77..700d6754 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,7 @@ There is a development wiki here on GitHub: https://github.com/ParsePlatform/par
 * masterKey (required) - The master key to use for overriding ACL security
 * cloud - The absolute path to your cloud code main.js file
 * fileKey - For migrated apps, this is necessary to provide access to files already hosted on Parse.
+* facebookAppIds - An array of valid Facebook application IDs.
 
 #### Client key options:
 
diff --git a/RestWrite.js b/RestWrite.js
index e7ff9c78..2e57f8fc 100644
--- a/RestWrite.js
+++ b/RestWrite.js
@@ -219,7 +219,7 @@ RestWrite.prototype.handleFacebookAuthData = function() {
   return facebook.validateUserId(facebookData.id,
                                  facebookData.access_token)
     .then(() => {
-      return facebook.validateAppId(process.env.FACEBOOK_APP_ID,
+      return facebook.validateAppId(this.config.facebookAppIds,
                                     facebookData.access_token);
     }).then(() => {
       // Check if this user already exists
diff --git a/facebook.js b/facebook.js
index 23dc45b3..dd023bfd 100644
--- a/facebook.js
+++ b/facebook.js
@@ -16,10 +16,15 @@ function validateUserId(userId, access_token) {
 }
 
 // Returns a promise that fulfills iff this app id is valid.
-function validateAppId(appId, access_token) {
+function validateAppId(appIds, access_token) {
+  if (!appIds.length) {
+    throw new Parse.Error(
+      Parse.Error.OBJECT_NOT_FOUND,
+      'Facebook auth is not configured.');
+  }
   return graphRequest('app?access_token=' + access_token)
     .then((data) => {
-      if (data && data.id == appId) {
+      if (data && appIds.contains(data.id)) {
         return;
       }
       throw new Parse.Error(
diff --git a/index.js b/index.js
index 9fe45016..79a32198 100644
--- a/index.js
+++ b/index.js
@@ -26,6 +26,8 @@ addParseCloud();
 // "cloud": relative location to cloud code to require
 // "appId": the application id to host
 // "masterKey": the master key for requests to this app
+// "facebookAppIds": an array of valid Facebook Application IDs, required
+//                   if using Facebook login
 // "collectionPrefix": optional prefix for database collection names
 // "fileKey": optional key from Parse dashboard for supporting older files
 //            hosted by Parse
@@ -59,9 +61,15 @@ function ParseServer(args) {
     javascriptKey: args.javascriptKey || '',
     dotNetKey: args.dotNetKey || '',
     restAPIKey: args.restAPIKey || '',
-    fileKey: args.fileKey || 'invalid-file-key'
+    fileKey: args.fileKey || 'invalid-file-key',
+    facebookAppIds: args.facebookAppIds || []
   };
 
+  // To maintain compatibility. TODO: Remove in v2.1
+  if (process.env.FACEBOOK_APP_ID) {
+    cache.apps[args.appId]['facebookAppIds'].push(process.env.FACEBOOK_APP_ID);
+  }
+
   // Initialize the node client SDK automatically
   Parse.initialize(args.appId, args.javascriptKey || '', args.masterKey);