You can pass display, scope, or auth_type params to the auth request, if you need to set them dynamically. You can also set these options in the OmniAuth config :authorize_params option.

For example: /auth/facebook?display=popup

NOTE If we‘re using code from the signed request then FB sets the redirect_uri to ’’ during the authorize

     phase and it must match during the access_token phase:
     https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php#L477