Re: [twitter-dev] Re: OAuth without read or write access

[Tom Gibara]

Thanks for the confirmation. I guess I'll have to rely on informing
the user as you suggest.

It looks like a gap in the API to me, there must be plenty of websites
out there that might want to confirm a user's identity with their
twitter account, without wanting access to their tweets.

Tom.

On 21 March 2011 10:38, Ninjamonk  wrote:
> yes it would, I think people are more worried about the ability to
> write than read.
>
> You could just put up a message saying this is only being used for
> sign in and we will not read your stream.
>
> On Mar 20, 9:06 pm, Tom Gibara  wrote:
>> Searching for "sign in with twitter" pointed me to:
>>
>> http://dev.twitter.com/pages/sign_in_with_twitter
>>
>> which I've already read. My understanding is that my application must
>> be registered to use OAuth, and that the access type it requires
>> (read/write) is determined by that registration. Doesn't this mean
>> that, at a minimum, the user will be informed that my application may
>> read their tweets and account details?
>>
>> This won't be the case, and I don't want to give users that impression.
>>
>> Tom.
>>
>> On 20 March 2011 17:05, Ninjamonk  wrote:
>>
>>
>>
>>
>>
>>
>>
>> > search for sign in with twitter and you should be ok.
>>
>> > All you need to do is let them login with oauth and you will get those
>> > details.
>>
>> > On Mar 20, 3:29 pm, tomgibara  wrote:
>> >> I'm developing an application in which I want to allow users to
>> >> authenticate themselves with their twitter account. I need nothing
>> >> more back from the authentication API than an ID that identifies the
>> >> user; I don't want any access to any other account details or their
>> >> tweets etc. In other words, I don't want read access. Is this
>> >> possible?
>>
>> >> It seems not, because the application registration page offers only
>> >> read or read/write. If this is the case, are there any plans to
>> >> support an "authenticate only" option for applications?
>>
>> >> I did search this group for related threads but only found this post,
>> >> which had no replies:
>>
>> >>http://groups.google.com/group/twitter-development-talk/browse_thread...
>>
>> > --
>> > Twitter developer documentation and resources:http://dev.twitter.com/doc
>> > API updates via Twitter:http://twitter.com/twitterapi
>> > Issues/Enhancements 
>> > Tracker:http://code.google.com/p/twitter-api/issues/list
>> > Change your membership to this 
>> > group:http://groups.google.com/group/twitter-development-talk
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Re: OAuth without read or write access

[Tom Gibara]

Searching for "sign in with twitter" pointed me to:

http://dev.twitter.com/pages/sign_in_with_twitter

which I've already read. My understanding is that my application must
be registered to use OAuth, and that the access type it requires
(read/write) is determined by that registration. Doesn't this mean
that, at a minimum, the user will be informed that my application may
read their tweets and account details?

This won't be the case, and I don't want to give users that impression.

Tom.

On 20 March 2011 17:05, Ninjamonk  wrote:
> search for sign in with twitter and you should be ok.
>
> All you need to do is let them login with oauth and you will get those
> details.
>
> On Mar 20, 3:29 pm, tomgibara  wrote:
>> I'm developing an application in which I want to allow users to
>> authenticate themselves with their twitter account. I need nothing
>> more back from the authentication API than an ID that identifies the
>> user; I don't want any access to any other account details or their
>> tweets etc. In other words, I don't want read access. Is this
>> possible?
>>
>> It seems not, because the application registration page offers only
>> read or read/write. If this is the case, are there any plans to
>> support an "authenticate only" option for applications?
>>
>> I did search this group for related threads but only found this post,
>> which had no replies:
>>
>> http://groups.google.com/group/twitter-development-talk/browse_thread...
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk