I'm currently scoping for just email on my Facebook login link
$params = array(
'redirect_uri' => $redirect_url,
'scope' => 'email'
);
But Facebook states that the user is providing access to their friend list. Users will not login because of this requirement.
Does anyone know how to turn it off?