The forums are a self-help platform from users and partners, run in their spare time, for exchange of experience and practices. If you expect the Fortinet support to help you, this is not the right place. With a valid support contract FTNT is obliged to assist you. Open a ticket at support.fortinet.com .
Anyhow, we would like to give you hints but I would ask you to supply more information. What are you planning to achieve? Are you talking about source addresses, destination addresses, NAT, ...? How is the application FB related to the problem?
Let's assume your FGT is running FOS v5.2 or v5.4 - please specify.
Use a policy with authentication! If you create a regular security policy, with source and destination addresses, service etc. from 'internal' to 'wan' then just add a (already configured) user group to 'source address'. Now, users have to first authenticate against the FGT and are then allowed to send traffic across that policy.
If the number of users is small, say up to 20 users, you can create local user accounts on the FGT. Or create remote authentication via MSAD/LDAP.
If you don't like that idea you could authenticate via the device ID. For that, device detection has to be enabled on the 'internal' interface. The disadvantage of this is that permission is tied to hardware, not knowledge.
You find all of this, concepts and examples, in the 'FortiOS Handbook' for your version, from docs.fortinet.com. Read into it to get inspired how these scenarios are handled with a FGT.
You could also do a combination of a web filtering profile + Application Sensor (and CASI depending on which FortiOS version you are running) to allow access to Social Networking as a category and restrict access to specific social network sites via the Application sensor and CASI profile. I've even used these to restrict access to specific features within the social networking to make them read only (i.e. block posting, chat, and file upload).
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.