There is no pragmatic way to sign a user out of twitter.com through the API.
When a user logs out of your site send them to to twitter.com so they can sign out there or to a page explaining they should sign out of twitter.com Abraham ------------- Abraham Williams | Hacker Advocate | http://abrah.am @abraham | http://projects.abrah.am | http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private. On Thu, Sep 2, 2010 at 10:43, Matei <mad.doroba...@gmail.com> wrote: > bump? > > On Sep 1, 10:45 am, Matei <mad.doroba...@gmail.com> wrote: > > Hi everyone, > > > > I am compelled to ask because the search turned out a few post that > > were somewhat vague and didn't answer all my questions. > > > > I have a website widget that interacts heavily with Twitter. We use > > OAuth to authenticate our requests. To logout the users from our side > > we destroy the OAuth token. However during the initial OAuth workflow > > Twitter places a cookie on the browser, so if the user logs out from > > our site but navigates to the Twitter site they are still logged in. > > Closing the browser solves this, as it appears the cookie is a session > > cookie. Calling the "account/end_session.json" end point does nothing > > for use because the call is server side so the cookie doesn't get > > replaced. > > > > I am a little concerned about this behavior since the widget will be > > on a public site users can access from public computers. It is > > possible the users will log out of our widget but not close the > > browser window. At that point someone could navigate to twitter and > > still be logged in with their account. > > > > So finally my questions are: > > 1. Is how do I reliably log users out of Twitter? > > 2. Is it really necessary for Twitter to send this cookie during the > > OAuth workflow? The API is stateless so the cookie is really un- > > necessary as far as using the apis is concerned. > > > > Sorry for the lengthy post, responses are greatly appreciated! > > > > Cheers, > > Matei > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
