[twitter-dev] Re: Certificate Twitter Apps
I'm not sure what sort of Verification you're looking for - however, you might want to take steps on your own end to reassure users why they're being sent to Twitter. See, for example, Favstar. http://favstar.fm/authorization/new It's the your job as an application developer to instil confidence in the user to feel happy entering their credentials. -N On Oct 24, 12:56 am, loretoparisi loretopar...@gmail.com wrote: Hi, I'm cto for stickphone.me and lyricsmood.me, oauth based twitter apps. Many users told us that they just don't use our oauth sign in service, since it seems to them to be unsafe with this kind of sign in (single sign-on from oauth client site) This is not a design problem I guess, but a people misunderstanding problem, about the authorization protocol (going away from people like developers, engineers, etc, who really knows what oAuth is about?), even if we tried to explain this process as well in our sites tos. I was wondering if you @twitter have any idea in the future to certificate an app in order this app to be verified by twitter (in the same way some accounts are). In this ways app users would not be scared when clickin on Sign in to Twitter buttons. Of course using Twitter's button styles would be a better experience for the user in order to trust the thirdy-party service, but this is not possibile in all cases. Thanks, Loreto Parisi CTO at stickphone, lyricsmood lor...@stickphone.me lor...@lyricsmood.me -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: Per user retweet count
IIRC Matt / Taylor have said that Twitter search typically only keeps 7 days worth of data for searching, so you can't go any further back than that at the moment. Cheers -N On Sep 24, 8:14 am, Karthik K karthikkato...@gmail.com wrote: Hi, Is there any way to get the Retweet count per user? i.e., number of tweets of a particular user that are Retweeted? Search api with 'RT @username' gives the retweets but again its a only a few days of data. Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: dev.twitter.com sends consumer secret in clear text
This has been discussed quite a bit previously, and is something the Twitter folks are aware of: http://code.google.com/p/twitter-api/issues/detail?id=1665 Cheers -N On Sep 21, 6:54 pm, ManuelZ m...@alumni.sfu.ca wrote: When you register your Twitter app athttp://dev.twitter.com, you get an api key, a consumer secret and other awesome goodies. The secret is necessary so that you can validate signatures of stuff coming from Twitter (confirm it's from Twitter) and generate signatures for stuff you're sending to Twitter (confirm it's from your application). All application settings are sent in clear text (http) if you follow the links on dev.twitter, which is an attack vector: the interception of the secret can compromise the app. (1) It's been puzzling me for a while why the dev.twitter.com/apps (or at least the app settings page) is not restricted to https only. Granted, Twitter can only be affected through a slightly more sophisticated attack (incl. spoofing the app) + they likely have efficient ways to reverse damage from one compromised application, but as the app developer, you're in a pretty bad spot. (2) Suggestion: if you go tohttps://dev.twitter.com/appsfor all your app settings business, you can protect your secret... with one small problem: certificate error: dev.twitter.com uses an invalid security certificate. The certificate is only valid for the following names: www.twitter.com, twitter.com If anyone from Twitter is listening -- it may be a good idea to fix this. (3) On the bright side, Twitter is way better than Facebook, where even if you go to your app settings over https (it works!), it will redirect you to http after it's re-generated your key. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: t.co Rollout
I don't know the answer to the first few items, but I'm guessing that the URLs will be unwrapped to whatever was originally submitted to Twitter (i.e. whatever's currently shown when using the REST API timelines with ?include_entities=true in the parameters) -N -- @nikf On Sep 2, 4:34 am, M. Edward (Ed) Borasky zn...@borasky- research.net wrote: I just got an email from Twitter about oAuth and t.co. Given that I have about five accounts, I assume I will get more copies. ;-) Anyhow, in the section on t.co, there was this line: You will start seeing these links on certain accounts that have opted-in to the service How does an account opt-in to t.co? Will there be a setting in the web app, similar to opting-in to locations? Will there be an API call, or will Twitter simply wrap all the links posted by an account that has opted in? If I post a bit.ly link and Twitter wraps it via t.co, will the unwrapped display unwrap just the t.co piece, or will it go all the way down to the raw URL? -- M. Edward (Ed) Boraskyhttp://borasky-research.nethttp://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: REST API Limits going down
Are you using OAuth for your application? If not, the wind-down of Basic auth is probably the reason for this decrease - and you'll be without Basic Auth at the end of the month http://countdowntooauth.com/ -N On Aug 26, 4:49 pm, David Toussaint david.toussa...@azionare.de wrote: Hi, My company is offering a regional tweet-monitoring tool (http:// twittercrawl.de) and is collecting all tweets from Germany. For doing this we decided to use the REST API and got our IP-Address whitelisted a little while ago. Everything is working fine except that we are getting reduced API-limits on the REST API for some days now. Instead of being allowed to post 20k requests the number is going up and down from 16k to 2.6k to 6k and so on. Unfortunately we are really depending on those 20k API requests per hour and are now wondering what could be the reason for that? Any help is appreciated! Thanks a lot, David -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: null posts in home_timeline
Hey Matt, Just a quick update. We're seeing a number of further reports of this overnight. I'm trying to track it down with our users, but my own home timeline is no longer showing the issue. Cheers -N -- Nik Fletcher @nikf On Aug 24, 3:34 pm, Matt Harris thematthar...@twitter.com wrote: Hey everyone, Thanks for your patience and for sharing the erroneous responses. We're working on this and will have a fix rolled out soon. Best, Matt On Tue, Aug 24, 2010 at 7:25 AM, Nik Fletcher nik.fletc...@gmail.com wrote: http://twitter.com/twitterapi/status/22002256380 -N -- Nik Fletcher @nikf On Aug 24, 9:49 am, emmettoc creepyman2...@gmail.com wrote: Hello, Many users of some client apps are still in trouble because of null results in home_timeline. You can check usernames in trouble by searching famous twitter app names. Did you change the api specific? Or do you have any plan to fix this? Thanks, emmettoc On 8月24日, 午後3:41, Matt Harris thematthar...@twitter.com wrote: Hi David, Could you provide a couple of status IDs or a username so we can take a look at this. Thanks, Matt On Mon, Aug 23, 2010 at 10:15 PM, David Novakovic davidnovako...@gmail.com wrote: Hey, seeing json like this: text: I really need to work out a way to make myself read more books...I've found three in the last 10 minutes. }, null, { coordinates: null, . null objects being included in the list of tweets? Only seems to have started today. David -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: null posts in home_timeline
Hi Guys I'm also seeing this and forwarded on some markup for the home_timeline to you, Matt. It's easier to spot in XML, where Twitter are returning the following between status objects: nil-classes type=array/ e.g. (objects hidden using code folding) status status nil-classes type=array/ status status nil-classes type=array/ status status Cheers -N Type pattern -N On Aug 24, 10:07 am, Thomas Woolway priv...@tswoolway.co.uk wrote: I'm seeing this in my home timeline - @tomwoolway. Matt, I've sent you the JSON output of my home timeline (seemed a bit big to spam the list with). Tom On Tue, Aug 24, 2010 at 8:22 AM, Kazuho Okui kaz...@gmail.com wrote: I'm having same issue. It looks like null tweets appear when your follower deletes their tweets. You can easily reproduce this bug. Many twitter applications stop working since this evening. (guess most of apps can't handle null correctly.) I think this should be addressed by twitter end. Thanks, Kazuho On Aug 23, 11:41 pm, Matt Harris thematthar...@twitter.com wrote: Hi David, Could you provide a couple of status IDs or a username so we can take a look at this. Thanks, Matt On Mon, Aug 23, 2010 at 10:15 PM, David Novakovic davidnovako...@gmail.com wrote: Hey, seeing json like this: text: I really need to work out a way to make myself read more books...I've found three in the last 10 minutes. }, null, { coordinates: null, . null objects being included in the list of tweets? Only seems to have started today. David -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris
[twitter-dev] Re: null posts in home_timeline
Just a quick update to point any Twitter folks reading this thread to issue #1823 on the bug tracker http://code.google.com/p/twitter-api/issues/detail?id=1823 Cheers! -N On Aug 24, 10:42 am, Nik Fletcher nik.fletc...@gmail.com wrote: Hi Guys I'm also seeing this and forwarded on some markup for the home_timeline to you, Matt. It's easier to spot in XML, where Twitter are returning the following between status objects: nil-classes type=array/ e.g. (objects hidden using code folding) status status nil-classes type=array/ status status nil-classes type=array/ status status Cheers -N Type pattern -N On Aug 24, 10:07 am, Thomas Woolway priv...@tswoolway.co.uk wrote: I'm seeing this in my home timeline - @tomwoolway. Matt, I've sent you the JSON output of my home timeline (seemed a bit big to spam the list with). Tom On Tue, Aug 24, 2010 at 8:22 AM, Kazuho Okui kaz...@gmail.com wrote: I'm having same issue. It looks like null tweets appear when your follower deletes their tweets. You can easily reproduce this bug. Many twitter applications stop working since this evening. (guess most of apps can't handle null correctly.) I think this should be addressed by twitter end. Thanks, Kazuho On Aug 23, 11:41 pm, Matt Harris thematthar...@twitter.com wrote: Hi David, Could you provide a couple of status IDs or a username so we can take a look at this. Thanks, Matt On Mon, Aug 23, 2010 at 10:15 PM, David Novakovic davidnovako...@gmail.com wrote: Hey, seeing json like this: text: I really need to work out a way to make myself read more books...I've found three in the last 10 minutes. }, null, { coordinates: null, . null objects being included in the list of tweets? Only seems to have started today. David -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris
[twitter-dev] Re: null posts in home_timeline
http://twitter.com/twitterapi/status/22002256380 -N -- Nik Fletcher @nikf On Aug 24, 9:49 am, emmettoc creepyman2...@gmail.com wrote: Hello, Many users of some client apps are still in trouble because of null results in home_timeline. You can check usernames in trouble by searching famous twitter app names. Did you change the api specific? Or do you have any plan to fix this? Thanks, emmettoc On 8月24日, 午後3:41, Matt Harris thematthar...@twitter.com wrote: Hi David, Could you provide a couple of status IDs or a username so we can take a look at this. Thanks, Matt On Mon, Aug 23, 2010 at 10:15 PM, David Novakovic davidnovako...@gmail.com wrote: Hey, seeing json like this: text: I really need to work out a way to make myself read more books...I've found three in the last 10 minutes. }, null, { coordinates: null, . null objects being included in the list of tweets? Only seems to have started today. David -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris
[twitter-dev] Re: OAuth authorizing multiple accounts and disabling automatic redirection when account is already authorized
Hi Guys We've also noticed the UX for the current OAuth flow isn't great: the account that you're authorising (initially) isn't so clear. Currently it's just the username in bold text, amid a paragraph of blurb. Compared with @Anywhere, where the avatar is shown, this kinda stinks :-) In Socialite[1], to counteract user confusion we now make sure that users are clear with which account they're signing in with by appending force_login=true [2] to each https://twitter.com/oauth/authenticate/ request we start the OAuth side of things. Cheers -N -- Nik Fletcher @nikf [1] http://www.realmacsoftware.com/socialite [2] e.g. https://twitter.com/oauth/authenticate/?oauth_token=snipforce_login=true On Aug 23, 10:23 am, Varun Jain friends.made@gmail.com wrote: Hey Twitter Support, That's the same problem i'm running into too. If I use the url oauth/ authenticate, it serves my purpose, but if I use oauth/authorize, it's failing under the multiple login. can anyone give me a solution to this. Thanks, Varun Jain On Aug 6, 9:41 pm, Nick Spacek nick.spa...@gmail.com wrote: That's a long subject line, but I haven't seen much related to it (there was one post last Autumn but didn't seem to have any resolutions. I'm working on an app where an app user may want to authorize multiple Twitter accounts. Right now if they are already logged into Twitter (say, with their primary account) and the account is already authorized, they don't even get the option to sign in to a different account; the OAuth flow just redirects the browser immediately to the callback URL. Is there any way around this? Is there some way to pass a username on the GET or in the headers? Thanks, Nick
[twitter-dev] Re: Application source in Direct Messages
File it here: http://code.google.com/p/twitter-api/issues/list -N On Aug 19, 4:04 pm, Dossy Shiobara do...@panoptic.com wrote: +1. Yes, please. If Twitter implements *nothing* else for 2011, make this the TOP feature on your roadmap. PLEASE! On 8/19/10 5:17 AM, nischalshetty wrote: Can we have the application source for Direct Messages as well? -- Dossy Shiobara | do...@panoptic.com |http://dossy.org/ Panoptic Computer Network |http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: iPhone - Twitter Home in a UIWebView with a valid access token.
Hi Alban You're looking at two different environments here: 1. The native Cocoa touch view you're working with, in which you're requesting the methods from the Twitter API and updating the table view. 2. The WebView, which is the main Twitter website The OAuth flow you've run through for requesting data for your UITableView isn't valid for logging into the user-facing Twitter.com pages. To make the most of you doing the OAuth flow and downloading the tweets to a native Cocoa touch view, and to save the re-login to Twitter.com, you'd probably want to look to add some further view controllers to your app and push them with the data you've downloaded etc. Cheers -N -- Nik Fletcher @nikf
[twitter-dev] Re: Is Twitter misusing their own t.co url shortener?
I don't know how Twitter are shortening the URLs. However. IIRC Twitter's shortener is designed to always use 20 characters (I believe) so that as developers we can pass in full URLs knowing how much space each URL will take up in a tweet and show the character count accordingly. Matt / Taylor might be able to comment further though. -N -- Nik Fletcher @nikf On Aug 13, 2:17 am, D. Smith emai...@sharedlog.com wrote: How long has it been since Twitter started their own t.com url shortener? Not sure, but I don't think it's been long enough to shorten over 3.5 trillion urls. Well, I just noticed that the the url shortened by t.com was this:http://t.co/5ywZYau So the value is 5ywZYau From what I understand the shorteners work this way (at least this is the most effecient way in order to create as short a url as possible): First you create a new record for url and get the next available numeric id, usually auto increment. Then you use base62 encoding to convert this integer into a string. The result is that you get the shortest possible value consisting of lower and upper case english letters plus 10 numbers, thus a total of 62 chars are used. The number of chars needed to represent a value is 62 x 62 x 62, etc... so the 7 chars-long base 62 string can represent a number over 13 digits long. Ok, so is it really possible for this service to already shorten over a trillion urls? I don't think so. which only means that you are not doing your best to make the shortest possible url. What's the point of registering a one-letter top level domain, going through all the trouble of creating your own service and then not really doing your absolute best to make sure urls are as short as possible. I mean, you could have probably still be using 4, maybe 5 - chars long codes instead of 7, saving potential customers 2 or 3 valuable characters
[twitter-dev] Re: Rate Limit Decrement
The per-hour rate is decreasing by 10 requests each day until August 31st. 150 on 16/8 140 on 17/8 ... 0 on 31/8 Cheers -N -- @nikf On Aug 4, 10:00 pm, kme km.ens...@gmail.com wrote: I have some questions regarding the message onhttp://countdowntooauth.com/ ...starting on August 16th, the rate limits on basic authentication will be reduced by roughly 10 calls/hour/day ending on August 31st. Does this mean each user can login/post 150 times per hour on 8/16 and then 140 times per hour on 8/15? or does the rate limit decrease each hour, starting at 12:00 AM on 8/16 with the rate being 0 per hour at 3:00 PM, starting over on 8/17 at 12:00 AM. I appreciate any help w/ regard to this!
[twitter-dev] Re: Error trying to access
+1 for my account too (@nikf) -N On Aug 1, 4:12 pm, Carla Cavalcante carlacavalcante.cavalca...@gmail.com wrote: I'm having the same problem as you!! On 31 jul, 18:47, Federico f.diazr...@gmail.com wrote: Someone called Taylor previously said that there would be maintenance of twitter servers, and some user would not be able to use twitter for about 5 hours. However I have been trying to use twitter for about 21 hours and I receive http 500 error. Also, with my twitter app for my cellphone, I can see DM and @, but I cant see twitts from the people I follow. I have tried to access with my web browser and I get technically something is wrong. When I would be able to use twitter again?
[twitter-dev] Re: OAuth echo base string(TwitPic)
http://dev.twitter.com/pages/oauth_echo -N On Jul 20, 10:02 am, Mounir Regragui reg.mou...@gmail.com wrote: Hi everyone! So I would like to add a feature to upload a picture to twitter via twitpic! Seems like it is using something called OAuth echo, that has additional parameters to the standard OAuth! I would like to know how to build my base string, so i can generate a signature. Should I use the standard OAuth parameters, or should I use the additional parameters ? (like realm etc...) I did not found documentation on api.twitpic.com, maybe it is located somewhere else. Anyway, I'd appreciate any kind of help! Regards.
[twitter-dev] Re: Which one are you using in your mobile app? xAuth or oAuth?
Hi Guys This might be of interest: http://getsharekit.com It's a drop-in module for iPhone apps to enable sharing. I've based my own Twitter sharing off of this (using xAuth as the other OAuth flows stink IMHO) however ShareKit allows both OAuth and xAuth should you wish so might provide some ideas / examples. Cheers -N On Jul 12, 10:50 am, James Abley james.ab...@gmail.com wrote: On Jul 9, 8:01 am, Bess bess...@gmail.com wrote: So far I only learn of one Twitter-based app is using OAuth - Twitter official app (not sure it is out in app store yet). I personally like to learn the best practice on OAuth and best OAuth library used in iPhone, Android, Nokia and Blackberry. +1 We have some existing apps (iPhone / iPad and Android) that use Basic Auth and are migrating to OAuth. I'm guessing that Twitter for iPhone uses xAuth - I didn't have to enter a PIN or allow the app via a web UI. Some additional examples would be nice. Cheers, James On Jul 7, 10:19 am, Oscar Cortes ocort...@gmail.com wrote: Thanks for the feedback Rich. I didn't know that the embedded web browser could be used for this. Can someone point me out to an iPhone or iPad app that uses oAuth with the embedded web browser? I would like to try it out. Oscar On Jul 6, 6:28 pm, Rich rhyl...@gmail.com wrote: We are using oAuth on the iPhone. It works great and I don't see why xAuthshould be allowed on iPhone as the embedded web browser is more than capable On Jul 6, 8:55 pm, Oscar Cortes ocort...@gmail.com wrote: We are about to integrate Twitter support in our iOS library and we are seeing that some devs preferxAuthover oAuth? Which one are you using and why? Does Twitter push for one of them more? Thanks
[twitter-dev] Re: Any chance to get more than 20,000 calls per hour?
Normally you could request Twitter whitelisting by emailing a...@twitter.com. However, you won't be able to until after the World Cup: http://groups.google.com/group/twitter-api-announce/browse_thread/thread/130a8c1749a87279 -N On Jul 9, 12:42 pm, deadlychaos deadlychaos...@gmail.com wrote: Hi there, We have been building this application since 6 months now. It is anti- spam app which works with very different algorithms and has been very useful for twitter user (we have tested it with 150 calls). But the problem is our apps dig out lot of follower data to let the user know whether his followers are spam or not (it doesn't allow users to unfollow anyone). We all know, Twitter api consumes 1 call for retrieving 100 followers of a particular twitter user. Now 20,000 calls are ok with normal users but some celebrities like Aston Kutcher, Britney Spears and EV have more than 2 million followers which means we cannot track. If they were few it would be ok but day by day as Twitter is growing at amazing rate many users are passing the 2 million milestone. So our app becomes useless for these users and which makes it imperfect. This is totally anti-spam app and I am sure folks at Twitter will love it once it does its work to chop off spam users. I know there have been many such apps but this is something everyone would love. We are done coding our app just wanted to know how can we track users more than 2 million followers? Would whitelisting more than 1 ip and switching them be the right thing to do? Can Twitter allow more than 20,000 calls for 1 ip on special request? Hoping to get answers, Thank you!
[twitter-dev] Re: My Client API was Decreased to 175
Check this thread: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/e6cc26581bde8a0b All clients are experiencing this - and at times it's dropping below 175 RPH: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/f2fe7c02a69e2c1b/ -N On Jul 1, 8:49 am, PiPS pip...@gmail.com wrote: Hi. I am developing on twitter client. My client uses xAuth. But.. My Client API is 175 That was before 350. Why was suddenly reduced by half?
[twitter-dev] Re: increase rate limit
Hi there 150 requests per hour is the limit for Basic Authentication-based requests, with OAuth-authenticated requests allowed further requests. Normally it's 350 (and is due to be raised to 1,500 per hour at some stage), however given the extra load Twitter's under during the World Cup OAuth requests are limited to 175 requests per hour (so, a 50% reduction). If you want to get the higher request rate, you'll need to use OAuth to authenticate users - though I'd note that you'll likely see a fair amount of latency and timeline issues with the OAuth home_timeline method as that's seen the brunt of the extra World Cup API load in my experience over the last week or so. Twitter has all the documentation you need at: http://dev.twitter.com and there's likely a library to help with the OAuth stuff (definitely for PHP, Objective-C) should you need it. Cheers @nikf On Jun 28, 6:12 pm, pranay godha.pra...@gmail.com wrote: hello guys, I am using twitter API to get the information about users.However, there are some limit dor call rewuest of 150 request per hour.how can I increase API call rate limit?.. Thank you
[twitter-dev] Re: Using stored OAuth tokens in Anywhere
Hi, I don't think there is currently a way to do this - best thing would be to file a ticket requesting this here: http://code.google.com/p/twitter-api/issues/list Cheers, -N On Jun 13, 7:48 pm, Karthik fermis...@gmail.com wrote: Let's assume, we already have tokens of users, who logged into site via normal OAuth process. Now, if we integrate Anywhere in our site frontend, users are required to do a separate OAuth login for following people via Anywhere hover cards. Is there a way to suppress the second OAuth login, as we already have their tokens with us?
[twitter-dev] Re: Clock Ticking on Basic Authpocalypse
Thanks for this Rich. I've emailed Taylor to see if the folks at Twitter would consider listing this information at dev.twitter.com so that there's a single, central, place for this kind of information that'll be frequently asked in the next month!! Cheers -Nik -- @nikf
[twitter-dev] Differing UI for @Anywhere OAuth and Application OAuth
Hi Guys In my own tinkering with the @anywhere stuff, I've noticed the @anywhere OAuth flow is using a much-better designed OAuth screen than regular OAuth at the moment: particularly in making clear which account you're linking the @anywhere app to. Any chance these improvements will be brought over to the other OAuth flows in the near future? We're using the PIN code OAuth in Socialite, and one of the issues we see (besides the entirely unfamiliarity of PIN code-based OAuth) is folks who are unclear in which account they're authenticating. Kind Regards, @nikf -- Nik Fletcher Support / QA Manager, Realmac Software http://www.realmacsoftware.com
[twitter-dev] Uploading to Media Services / OAuth
Hi Guys Whilst our desktop app has been desktop OAuth-based since launch, the media uploading has been username / password based (yfrog, twitpic etc). With basic auth going the way of the dodo next month, I just wanted to check to see what folks are doing for media uploads to services that use Twitter creds. Raffi's talked about the delegated OAuth etc, however I'm a little confused on the status of this new- fangled method - and whether it's something developers can work with right now. Apologies if this *has* been covered elsewhere, however I just wanted to bring this up and ask what the recommended method is for clients wanting to make sure things like yfrog / twitpic uploading continue to work. Cheers! Nik (@nikf)
[twitter-dev] OAuth User Numbers for Apps
Hi Guys With the new developer portal up and running, is there any timeframe for bringing back the authenticated user stats for apps, and are there any plans to improve the reporting in this regard (so, active users in the past 30 days on top of 'all-time authenticated users')? We're currently assessing the relative user numbers for @socialiteapp and given that the http://twitter.com/oauth_clients/details/{client ID} URL is perma-fail-whaling (previously it used to work after 10 minutes or so), we'd love to be able to see some details on the apps authenticated user numbers. Thanks! Nik -- Nik Fletcher Support / QA Manager, Realmac Software @nikf
[twitter-dev] Re: OAuth Rate Limits
Absolutely: understood. Thanks Raffi! -N On Apr 16, 2:43 pm, Raffi Krikorian ra...@twitter.com wrote: We're working on capacity to raise rate limits. As you can imagine, it's a complex relationship between the growth of our user base and the growth of our computing cluster... On Apr 16, 2010, at 6:38 AM, Nik Fletcher nik.fletc...@gmail.com wrote: Hi Guys With the announcement of Userstreams [which look like an excellent option for an app such as ours once streams are GA], does this affect the plan to offer 1500 requests per hour to OAuth clients? Whilst it's great to be able to make 350 requests PH now, what's the plan for ramping up to the rate limit announced back in December? Thanks for any insight :) -Nik -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Re: Over Capacity Message on App Pages
Hi Guys I've seen this too. However. If you re-visit the page a couple of minutes later it'll load just fine. We had this for @socialiteapp and whilst the initial load wouldn't work, visiting the page a few minutes later would work just fine. Cheers! -N On Mar 11, 8:59 am, Tim Haines tmhai...@gmail.com wrote: Email them offlist and I'm sure they'll look it up for you. Sent from my iPhone On 11/03/2010, at 9:51 PM, Jesse Stay jesses...@gmail.com wrote: So how do I verify my consumer key is correct? I would imagine that page would be pretty important - how can you edit your app without it? I'm also curious about why I'm being prompted for basic auth onhttp://api.twitter.com/oauth/access_token Thanks, Jesse On Thu, Mar 11, 2010 at 1:37 AM, Tim Haines tmhai...@gmail.com wrote: There's a bug in that page. If your app has too many users, it fails to load. Mark (or was it Raffi?) said they were fixing it last year, but I guess it's pretty low on the priority list. Tim. On Thu, Mar 11, 2010 at 9:26 PM, Jesse Stay jesses...@gmail.com wrote: I'm trying to access my app page here: http://twitter.com/oauth_clients/details/61 and I keep getting the over capacity fail whale message. In addition, when I pass my request_token, verifier, etc. to the access_token method (http://api.twitter.com/oauth/access_token?oauth_consumer_key=...blah ) in a normal browser window it prompts me for a plain auth username and password - is this normal behavior when testing in the browser? Thanks, Jesse
[twitter-dev] Re: OAuth Rate Limit Increase - Not seeing it
Hi Guys http://code.google.com/p/twitter-api/issues/detail?id=1501 Cheers -N On Mar 3, 9:42 pm, Milen mi...@thecosmicmachine.com wrote: I couldn't agree more, it's pretty lame that: a) the rate limit method returns incorrect results b) only rate limited requests return any rate limiting information You have a lot of situations where you firstly need to find out how many requests you have left and take actions accordingly, i.e. you need to know the rate limiting information before starting to make any requests that are rate limited. In any case, the status quo doesn't seem to be well thought through. M On Mar 3, 3:42 pm, Ryan Alford ryanalford...@gmail.com wrote: I just want to ask how you guys handle the following situation. And please correct anything that is incorrect. The user starts up your application, and they have exhausted all of their rate limit(using another application). Your application does not know this when it is first starting because you haven't made a rate limited request yet. You now make the rate limited request, and you get the 403: Forbidden error back. I can only assume that Twitter will send the X-Ratelimit-Limit header with the response error. Does your application allow this request and then process the error, set the rate limit information(you would need the date to tell the user when the rate limit will reset), and go about your business? In my app, I do a rate limit check before making the request(using the account/rate_limit_status method). Since I can no longer do this(since that method returns 150 instead of 350), I was wondering how others handle this. Just my personal opinion, but I think it's a horrible decision to have the rate limiting headers ONLY returned for rate limited methods. This now requires me to make a rate limited call just to get the rate limit, which brings the previous scenario into play. Thanks, Ryan On Wed, Mar 3, 2010 at 9:44 AM, Ryan Alford ryanalford...@gmail.com wrote: I was able to get that working. I didn't notice that those headers were only sent for requests that counted against the rate limit. Ryan On Tue, Mar 2, 2010 at 6:33 PM, twittelator and...@stone.com wrote: I reported this bug yesterday. Instead of making that extra call, why not look at the response headers which come back with each API ACCESS - you'll get the info you need: X-Ratelimit-Limit = 150; X-Ratelimit-Remaining = 133; X-Ratelimit-Reset = 1267576025; Andrew Stone Twitter / @twittelator http://www.stone.com got iPhone? http://j.mp/twitpro http://j.mp/tweettv-app On Mar 2, 11:47 am, eclipsed4utoo ryanalford...@gmail.com wrote: I thought that the OAuth Rate Limit went up to 350? I am still getting 150. Here is the returned XML from my request tohttp:// api.twitter.com/1/account/rate_limit_status.xml ?xml version=1.0 encoding=UTF-8? hash reset-time type=datetime2010-03-02T19:42:28+00:00/reset-time hourly-limit type=integer150/hourly-limit reset-time-in-seconds type=integer1267558948/reset-time-in- seconds remaining-hits type=integer150/remaining-hits /hash I am using OAuth and using the new version of the REST API. What else do I need to do?
[twitter-dev] Re: OAuth rate limit question
Hi Raffi I've filed the issue on Google Code so that folks can keep in the loop about this: http://code.google.com/p/twitter-api/issues/detail?id=1501 Let me know if you need any further information! Cheers -N On Mar 3, 1:57 pm, Raffi Krikorian ra...@twitter.com wrote: Well - it seems to me that rate limit status may have an issue with it. We will have to take a look. On Mar 3, 2010, at 2:56 AM, Nik Fletcher nik.fletc...@gmail.com wrote: Hey Raffi So, would Twitter prefer that clients use the headers instead of relying on the (now misleading) account/rate_limit_status method to verify the rate limit? http://apiwiki.twitter.com/Twitter-REST-API-Method:-account%C2%A0rate... As, even with Oauth-signed requests, this method is still returning 150 per hour. Thanks! Nik On Mar 3, 7:26 am, Raffi Krikorian ra...@twitter.com wrote: are you connecting via oauth to api.twitter.com? if so, then please take a look at the rate limit headers and let me know what you see? On Tue, Mar 2, 2010 at 10:48 PM, Ben Novakovic bennovako...@gmail.comwrote: Hi, I have been reading about twitter api limits lately as a lot of my users are exhausting their 150reqs/h on a fairly regular basis. I came across the following post and noticed that if users login with OAuth, they are given 350 reqs/hr. http://groups.google.com/group/twitter-development-talk/msg/b09f2a332 ... This was fair enough as you guys are trying to make twitter more secure (good work!); so we set about implementing OAuth on our client. We completed the implementation today, but fail to see the 350 reqs/ hr. We are still being limited by the 150 reqs/hr. I was just wondering whether there was something special we needed to do to get our req limits up to 350 for those users who login to our client with OAuth. Just to give you some background info, the client is a mobile web based client and all requests to twitter are made on our server on behalf of our users. If they are logged in with OAuth, the appropriate OAuth details are also handed through as part of the request. We know they are using OAuth as our 'updated via xxx' changes with using OAuth. Any help would be greatly appreciated! Thanks! Ben -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi
[twitter-dev] Re: OAuth rate limit question
Hey Raffi So, would Twitter prefer that clients use the headers instead of relying on the (now misleading) account/rate_limit_status method to verify the rate limit? http://apiwiki.twitter.com/Twitter-REST-API-Method:-account%C2%A0rate_limit_status As, even with Oauth-signed requests, this method is still returning 150 per hour. Thanks! Nik On Mar 3, 7:26 am, Raffi Krikorian ra...@twitter.com wrote: are you connecting via oauth to api.twitter.com? if so, then please take a look at the rate limit headers and let me know what you see? On Tue, Mar 2, 2010 at 10:48 PM, Ben Novakovic bennovako...@gmail.comwrote: Hi, I have been reading about twitter api limits lately as a lot of my users are exhausting their 150reqs/h on a fairly regular basis. I came across the following post and noticed that if users login with OAuth, they are given 350 reqs/hr. http://groups.google.com/group/twitter-development-talk/msg/b09f2a332... This was fair enough as you guys are trying to make twitter more secure (good work!); so we set about implementing OAuth on our client. We completed the implementation today, but fail to see the 350 reqs/ hr. We are still being limited by the 150 reqs/hr. I was just wondering whether there was something special we needed to do to get our req limits up to 350 for those users who login to our client with OAuth. Just to give you some background info, the client is a mobile web based client and all requests to twitter are made on our server on behalf of our users. If they are logged in with OAuth, the appropriate OAuth details are also handed through as part of the request. We know they are using OAuth as our 'updated via xxx' changes with using OAuth. Any help would be greatly appreciated! Thanks! Ben -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi
[twitter-dev] Re: OAuth Rate Limit Increase - Not seeing it
Hi there We also thought we were not receiving the correct rate limit - however the account/rate_limit_status method doesn't actually correctly reflect these new request limits. Instead, you'll need to (at least, until - or if - Twitter change this method to respond appropriately to OAuth calls) use the X-RateLimit-Limit HTTP header to detect the current rate limit. The good news is that the HTTP header *does* reflect the new 350 RPH limit :-) I've also just posted about this here: http://groups.google.com/group/twitter-development-talk/t/b9e2aa61f2af0911 So it might be worth keeping an eye out for @raffi's reply. Cheers -N On Mar 2, 6:47 pm, eclipsed4utoo ryanalford...@gmail.com wrote: I thought that the OAuth Rate Limit went up to 350? I am still getting 150. Here is the returned XML from my request tohttp://api.twitter.com/1/account/rate_limit_status.xml ?xml version=1.0 encoding=UTF-8? hash reset-time type=datetime2010-03-02T19:42:28+00:00/reset-time hourly-limit type=integer150/hourly-limit reset-time-in-seconds type=integer1267558948/reset-time-in- seconds remaining-hits type=integer150/remaining-hits /hash I am using OAuth and using the new version of the REST API. What else do I need to do?
[twitter-dev] Re: Introduce yourself!
Hey Guys I'm Nik (@nikf) and work at Realmac Software in Brighton, England. We make a few Mac OS X applications - RapidWeaver / LittleSnapper and Socialite (previously known as Eventbox) which brings multiple social networks into one place. Whilst technically 'Support QA Manager' I also keep the ball rolling with Socialite. Socialite[1] is one of the few Twitter clients (on *any* platform I believe) to actually do OAuth using PIN entry, and as you can imagine we're itching for xAuth :) One thing I'm really looking forward to is new developer site Ryan announced in his talk at LeWeb. It'd be nice to easily and clearly know if features in the Twitter service are deactivated (like Retweets have been in the past). Cheers! Nik -- [1] http://www.realmacsoftware.com/socialite
[twitter-dev] Re: How Does TwittPic Works ?
Hi Raffi No worries - hope you're feeling better soon! If we can be of any help with getting this out the door, please let me know! Cheers -N -- twitter.com/nikf
[twitter-dev] Rate Limit New API Features
Hi Twitter API folks, Over the last few months, there's been some big new features to the API to match the Twitter.com feature set. Whilst that's awesome for third-party developers and users alike, the rate limit has remained the same. Looking back over the documentation, the last increase was in June of this year, from 100 requests per 60 minute window to 150 requests - long before the lists or retweet features became available. Whilst I'm *fully* aware that we (as a developer community) can minimise the number of calls to the API, with new features being added - and the related query-chaining that may be needed to provide folks with an experience such as they're used to on the Twitter Web site with the bells and whistles - are there any plans to increase the rate limit for applications? I should just add: this is in no way a whiny post at the rate limiting that's currently in effect. We're not hearing of Socialite hitting the rate limit a great deal (as we're deliberately refreshing Lists every third refresh to preserve API calls) - I'm just posting to see what the Twitter API team's thoughts are :) Cheers, Nik --- Nik Fletcher Support / QA Manager Realmac Software
[twitter-dev] Re: Rate Limit New API Features
Thanks for the super-speedy reply, John! Cheers -N On Dec 8, 2:29 pm, John Kalucki j...@twitter.com wrote: There are several projects in the pipeline to help with rate limiting issues. -John Kaluckihttp://twitter.com/jkalucki Services, Twitter Inc. On Tue, Dec 8, 2009 at 6:24 AM, Nik Fletcher nik.fletc...@gmail.com wrote: Hi Twitter API folks, Over the last few months, there's been some big new features to the API to match the Twitter.com feature set. Whilst that's awesome for third-party developers and users alike, the rate limit has remained the same. Looking back over the documentation, the last increase was in June of this year, from 100 requests per 60 minute window to 150 requests - long before the lists or retweet features became available. Whilst I'm *fully* aware that we (as a developer community) can minimise the number of calls to the API, with new features being added - and the related query-chaining that may be needed to provide folks with an experience such as they're used to on the Twitter Web site with the bells and whistles - are there any plans to increase the rate limit for applications? I should just add: this is in no way a whiny post at the rate limiting that's currently in effect. We're not hearing of Socialite hitting the rate limit a great deal (as we're deliberately refreshing Lists every third refresh to preserve API calls) - I'm just posting to see what the Twitter API team's thoughts are :) Cheers, Nik --- Nik Fletcher Support / QA Manager Realmac Software
[twitter-dev] Re: Lists API for Subscriptions
Hi Guys I've just opened a feature enhancement request with Twitter: http://code.google.com/p/twitter-api/issues/detail?id=1213 If you've got any further details, please feel free to add these as comments! Cheers -N
[twitter-dev] Re: Lists API for Subscriptions
I'd just add that we too are running into this for Socialite.app. The omission of lists that the user is following the in /user/lists/ subscriptions.format method means we can't offer a similar experience in-app to that found on Twitter.com If someone's already filed a request on this with Twitter (I couldn't see one), could they let us know here: otherwise I'll file it myself :) Cheers! -N -- Nik Fletcher Realmac Software
[twitter-dev] Re: Text Source. How can I change this?
Hi Guys We've recently acquired a desktop application that uses the basic authentication to interact with the Twitter API. As we're renaming the application when it ships as 1.0, is there any way to *modify* an existing application's basic auth listing? Thanks! Nik