Re: [twitter-dev] Direct message change and the authentication URL
I think this was addressed in the A new permission level thread. You said you were restricting this permission to the OAuth /authorize web flow only. Will /oauth/authenticate (Sign in with Twitter) support the new permission? The R/W/DM permission can only be granted through the /oauth/authorize route. Sign in with Twitter cannot be used to grant R/W/DM. We understand applications may use other methods of authentication like Sign in with Twitter as well. For this reason, if a user has authorised your application for R/W/DM and you direct them through Sign in with Twitter, we will respect the existing access token permission. This means you can use Sign in with Twitter after a user has authorized your application for R/W/DM. On Wed, Jun 15, 2011 at 2:20 PM, Craig Walls hab...@gmail.com wrote: I've updated my app settings to be Read, Write, and Direct Messages, but when I go through the authentication page (not the normal OAuth authorization page), it still tells me that the app won't be able to access DMs after June 30th. Am I missing something or should that message no longer appear now that I've changed the settings? -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Stream throttled
Is this a known problem or are we getting throttled? You are likely getting rate limited. http://dev.twitter.com/pages/streaming_api_concepts#filter-limiting Limiter periodicity is aligned with statuses/sample sampling periodicity Basically, this means that if you're predicates would return MORE than the sample hose (at whatever level your account has), then you will be rate limited. The default is now 1% I believe...and 10% if you've been granted garden hose role. So if your predicates would capture more than 1% of all tweets (10% for gardenhose role), you will be rate limited. The wording isn't quite like that, but that is what we were experiencing. If we are throttled, what should we do to get back to normal? A few routes for you. 1 Contact twitter to see if you can move to a higher tier (ie gardenhose). See http://dev.twitter.com/pages/streaming_api_concepts#access-rate-limiting 2 Try and send the least noisy subset possible that will still capture the data for your users (if possible). Depending on how your predicates are provided, you can possibly reduce them down to the least noisy subset that would still capture most of what you want. 3 Pay for higher access roles or the full hose. You'll need to work with twitter on this, and I'm honestly not sure where they stand on continuing this model given the gnip relationship. 4 Contact http://gnip.com/twitter (i don't work for them) and see if the pricing works out for you And should we be able to detect throttling ourselves? Yes. You will get limit messages in the stream. http://dev.twitter.com/pages/streaming_api_concepts#parsing-responses Track streams may also contain limitation notices, where the integer track is an enumeration of statuses that, since the start of the connection, matched the track predicate but were rate limited. Notice that it is since the start of the connection...which is a bit strange and threw me at first. James On Tue, May 31, 2011 at 12:09 AM, Jacob Friis Saxberg ja...@webcom.dk wrote: We are using statuses/filter.json and have lately experienced that some tweets are not delivered to our consumer. Is this a known problem or are we getting throttled? If we are throttled, what should we do to get back to normal? And should we be able to detect throttling ourselves? Jacob -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Re: A new permission level
Arnaud replied recently indicating that the header is now in: We just started to return the X-Access-Level header for authenticated API requests, that tells you what access level the user token has http://groups.google.com/group/twitter-development-talk/browse_thread/thread/5bf53b81f2d868c/87bcc4780e7f2f7d?lnk=gstq=X-Access-Level#87bcc4780e7f2f7d James On Wed, May 25, 2011 at 8:52 AM, Mark Pavlidis mark.pavli...@gmail.com wrote: Matt is this header in yet I haven't seen any announcements elsewhere On May 19, 4:17 pm, themattharris thematthar...@twitter.com wrote: How do we know what the access level of a user token is? This is a great idea and one the team has discussed. What we are going to do is add a newheaderto authentication requests that will tell you the access level of the token you authenticated with. We’re working on this now and hope to have it released in the next few days. -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Streaming API credentials
You would create a twitter app at https://dev.twitter.com/apps After you create it, there is a My Access Token button on the details page for your application. I /believe/ that will get you what you want. James On Mon, May 23, 2011 at 3:04 PM, Craig Walls hab...@gmail.com wrote: I'd like to use the streaming API to track certain terms that I'll ultimately present to all of my web application's users. For instance, I want my app to display all tweets for some event, identified by some hashed term. I see that the streaming API (unlike the search API) requires authentication, either Basic or OAuth. For tinkering purposes, I've just used my own OAuth token/secret to hit the streaming API. But which credentials should my app use? Since the stream will be presented to all of my app's users, it doesn't make sense for it to use a single user's credentials. It also doesn't make much sense to open up individual, but identical streams for each user. Is there a way to consume the streaming API with some app-level credentials? -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Authorize vs. Authenticate
I believe the only difference is that the authenticate route could be used by only web based applications (ie they need to have a callback url) and allows for the force_login param. The authenticate can be used by either desktop or web apps, but do not support the force_login...but this may be changing soon. From themattharris earlier in the recent thread about the oauth permission change: We support multiple accounts in our application, how do we force a login on the authorize flow? Currently the only flow that supports the force_login parameter is / oauth/authenticate but adding it to /oauth/authorize flow is a good idea. We’ll begin working on this now and will let you know when it is released. On Mon, May 23, 2011 at 3:54 PM, Tyson Lowery tysonlow...@gmail.com wrote: I can't seem to find the difference, does anyone know? Previous to the new permission system I sent my users to http://twitter.com/oauth/authenticate/ But for some reason no matter what I do, it says at the bottom This application will not be able to: Access your private messages. So I changed to http://twitter.com/oauth/authorize. That solved the problem about accessing private messages. But I'd like to force the user to re-log into twitter. I can't figure out a way to do that with authorize. I just need to solve one of these 2 problems. Any ideas? Thanks, Tyson -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Re: Authorize vs. Authenticate
From my testing, I am pretty sure authorize supports callback urls. It does, sorry if I wasn't clear on that. So for your other question, yes, the new permission (for Read Write and Private Messages) will only be settable from the /authorize endpoint. Further up in the same thread: You said you were restricting this permission to the OAuth /authorize web flow only. Will /oauth/authenticate (Sign in with Twitter) support the new permission? The R/W/DM permission can only be granted through the /oauth/authorize route. Sign in with Twitter cannot be used to grant R/W/DM. We understand applications may use other methods of authentication like Sign in with Twitter as well. For this reason, if a user has authorised your application for R/W/DM and you direct them through Sign in with Twitter, we will respect the existing access token permission. This means you can use Sign in with Twitter after a user has authorized your application for R/W/DM. James On Mon, May 23, 2011 at 4:08 PM, Tyson Lowery tysonlow...@gmail.com wrote: Ahhh, thanks that answers half my question. I did not see that from Matt - they should split that thread into technical questions and complaints, it got too hard to follow. From my testing, I am pretty sure authorize supports callback urls. Any idea about authenticate and private messages? Is this permission not available in the authenticate flow by design, or is this a bug? . On May 23, 3:01 pm, James Estes james.es...@gmail.com wrote: I believe the only difference is that the authenticate route could be used by only web based applications (ie they need to have a callback url) and allows for the force_login param. The authenticate can be used by either desktop or web apps, but do not support the force_login...but this may be changing soon. From themattharris earlier in the recent thread about the oauth permission change: We support multiple accounts in our application, how do we force a login on the authorize flow? Currently the only flow that supports the force_login parameter is / oauth/authenticate but adding it to /oauth/authorize flow is a good idea. We’ll begin working on this now and will let you know when it is released. On Mon, May 23, 2011 at 3:54 PM, Tyson Lowery tysonlow...@gmail.com wrote: I can't seem to find the difference, does anyone know? Previous to the new permission system I sent my users to http://twitter.com/oauth/authenticate/ But for some reason no matter what I do, it says at the bottom This application will not be able to: Access your private messages. So I changed tohttp://twitter.com/oauth/authorize. That solved the problem about accessing private messages. But I'd like to force the user to re-log into twitter. I can't figure out a way to do that with authorize. I just need to solve one of these 2 problems. Any ideas? Thanks, Tyson -- Twitter developer documentation and resources:https://dev.twitter.com/doc API updates via Twitter:https://twitter.com/twitterapi Issues/Enhancements Tracker:https://code.google.com/p/twitter-api/issues/list Change your membership to this group:https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Checking whether a user has given permission to Private Messages
I don't think so, but looks like its coming soon. From themattharris: How do we know what the access level of a user token is? This is a great idea and one the team has discussed. What we are going to do is add a new header to authentication requests that will tell you the access level of the token you authenticated with. We’re working on this now and hope to have it released in the next few days James On Mon, May 23, 2011 at 4:20 PM, Tyson Lowery tysonlow...@gmail.com wrote: Is there a way to check whether a user has explicitly granted permission to their Private Messages? -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
Re: [twitter-dev] Re: Streaming API credentials
You're right. The simplest (only?) way would be to create an account specifically for managing your app. I believe there was a recent post on this list talking about that being the norm, but I couldn't find it. I'd love for the app to have it's own credentials, and allow for assigning multiple twitter users to administer/manage the app. James On Mon, May 23, 2011 at 4:14 PM, Craig Walls hab...@gmail.com wrote: Correct me if I'm mistaken, but I believe that access token/secret pair are still *my* access token and secret for that application. That is, they can be used to access my personal Twitter data. I'm uncomfortable using my personal credentials (or those of any individual user) for this purpose. What I'm looking for is a token/secret that belongs to the app and can only be used to do things that required authentication, but not access an individual's data (accessing the streaming API, for instance). Perhaps I create a bogus user that represents the application and use their credentials? -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk