diff --git a/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php b/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
index 81460bd9f5..5fada6c989 100644
--- a/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
+++ b/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
@@ -131,44 +131,46 @@ final class PhabricatorOAuthDiagnosticsController
       }
     }
 
-    $test_uri = new PhutilURI($provider->getTokenURI());
-    $test_uri->setQueryParams(
-      array(
-        'client_id'       => $client_id,
-        'client_secret'   => $client_secret,
-        'grant_type'      => 'client_credentials',
-      ));
+    if ($provider->shouldDiagnoseAppLogin()) {
+      $test_uri = new PhutilURI($provider->getTokenURI());
+      $test_uri->setQueryParams(
+        array(
+          'client_id'       => $client_id,
+          'client_secret'   => $client_secret,
+          'grant_type'      => 'client_credentials',
+        ));
 
-    $token_value  = @file_get_contents($test_uri, false, $timeout);
-    $token_strict = @file_get_contents($test_uri, false, $timeout_strict);
-    if ($token_value === false) {
-      $results['App Login'] = array(
-        $res_no,
-        null,
-        "Unable to perform an application login with your Application ID and ".
-        "Application Secret. You may have mistyped or misconfigured them; ".
-        "{$name} may have revoked your authorization; or {$name} may be ".
-        "having technical problems.");
-    } else {
-      if ($token_strict) {
+      $token_value  = @file_get_contents($test_uri, false, $timeout);
+      $token_strict = @file_get_contents($test_uri, false, $timeout_strict);
+      if ($token_value === false) {
         $results['App Login'] = array(
-          $res_ok,
-          '(A Valid Token)',
-          "Raw application login to {$name} works.");
+          $res_no,
+          null,
+          "Unable to perform an application login with your Application ID ".
+          "and Application Secret. You may have mistyped or misconfigured ".
+          "them; {$name} may have revoked your authorization; or {$name} may ".
+          "be having technical problems.");
       } else {
-        $data = json_decode($token_value, true);
-        if (!is_array($data)) {
+        if ($token_strict) {
           $results['App Login'] = array(
-            $res_no,
-            $token_value,
-            "Application Login failed but the provider did not respond ".
-            "with valid JSON error information. {$name} may be experiencing ".
-            "technical problems.");
+            $res_ok,
+            '(A Valid Token)',
+            "Raw application login to {$name} works.");
         } else {
-          $results['App Login'] = array(
-            $res_no,
-            null,
-            "Application Login failed with error: ".$token_value);
+          $data = json_decode($token_value, true);
+          if (!is_array($data)) {
+            $results['App Login'] = array(
+              $res_no,
+              $token_value,
+              "Application Login failed but the provider did not respond ".
+              "with valid JSON error information. {$name} may be experiencing ".
+              "technical problems.");
+          } else {
+            $results['App Login'] = array(
+              $res_no,
+              null,
+              "Application Login failed with error: ".$token_value);
+          }
         }
       }
     }
diff --git a/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php b/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
index d7d0263d5e..5edfc6f76e 100644
--- a/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
+++ b/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
@@ -45,6 +45,14 @@ abstract class PhabricatorOAuthProvider {
     return array();
   }
 
+  /**
+   * If the provider supports application login, the diagnostics page can try
+   * to test it. Most providers do not support this (Facebook does).
+   */
+  public function shouldDiagnoseAppLogin() {
+    return false;
+  }
+
   abstract public function getTokenURI();
 
   /**
diff --git a/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php b/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
index 55ed60a9ae..e5cda4cedf 100644
--- a/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
+++ b/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
@@ -118,4 +118,8 @@ final class PhabricatorOAuthProviderFacebook extends PhabricatorOAuthProvider {
     return $this->userData['name'];
   }
 
+  public function shouldDiagnoseAppLogin() {
+    return true;
+  }
+
 }
diff --git a/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php b/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
index 6369fdc7c1..1ddcb7d72a 100644
--- a/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
+++ b/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
@@ -118,4 +118,8 @@ final class PhabricatorOAuthProviderGitHub extends PhabricatorOAuthProvider {
     return idx($this->userData, 'name');
   }
 
+  public function shouldDiagnoseAppLogin() {
+    return true;
+  }
+
 }