Re: [twitter-dev] Re: How i can logout using oauth or rest api of twitter?
sadly this is badly needed but not available see https://groups.google.com/d/msg/twitter-development-talk/PH5HfT7SJqw/rtEzx-jrDQIJ -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Re: How i can logout using oauth or rest api of twitter?
I asked about the very same thing a few weeks back. It doesn't seem like such a thing exists yet. On 8/19/2010 1:53 PM, Ken wrote: An API method allowing a user to revoke your credentials from within your app, as users can do through http://twitter.com/settings/connections - if they manage to find it. Probably would need to be a TOS requirement... On Aug 19, 6:53 pm, JTOne wrote: It might be useful to have a "destroy credentials" endpoint though, to remove your app from the connections screen. what you means? how do it?
[twitter-dev] Re: How i can logout using oauth or rest api of twitter?
An API method allowing a user to revoke your credentials from within your app, as users can do through http://twitter.com/settings/connections - if they manage to find it. Probably would need to be a TOS requirement... On Aug 19, 6:53 pm, JTOne wrote: > It might be useful to have a "destroy credentials" endpoint though, > to > remove your app from the connections screen. > > what you means? how do it?
[twitter-dev] Re: How i can logout using oauth or rest api of twitter?
It might be useful to have a "destroy credentials" endpoint though, to remove your app from the connections screen. what you means? how do it?
[twitter-dev] Re: How i can logout using oauth or rest api of twitter?
> So one way to handle this from your side would be to just forget the > user's OAuth tokens. Your app will still appear "authorized" to the user > in the connections screen, which would be confusing, but your > application wouldn't be able to perform any operations on their behalf. its really cool, but i need to see login and password field i dont wonna be authorized i need it for changed of users, and user would not do extra work, only enter login and password > It might be useful to have a "destroy credentials" endpoint though, to > remove your app from the connections screen. what you means? PS I fully agree with Ken and i need it
[twitter-dev] Re: How i can logout using oauth or rest api of twitter?
Destroy session is what people are asking for. There's no way to handle this from our side at the moment. When a user leaves our site, they generally logout out first, but we can't log them out from Twitter if they logged in that way. (After initially creating an account with us through Twitter Oauth, they have the option of logging in directly to our site without logging in to Twitter.) Per Twitter app guidelines, we never perform any API action that is not directly, immediately requested by a user, so that's not the problem. The problems I see are: 1.) It's weird that we can log them in but we can't log them out. OK, we get them to log themselves in, but they can't be expected to understand that, and 2.) If we don't make sure they know they are still logged in - to Twitter, not us - then something bad might happen to them. And whose fault would that be? On Aug 19, 6:33 pm, Dave Ingram wrote: > On 08/19/10 17:16, Ken wrote:> Taylor, I don't need this as much as some > other developers but I think > > I understand why they keep asking for this. > > > Sure, our app is not "logged in". But many apps make the user log in > > to Twitter in order to use the app. Then, when the user is done with > > the app, they can't just logout and leave, we have to tell them to go > > to Twitter.com and logout. This is embarrassing (unprofessional) and > > potentially risky. If they don't understand that they are still logged > > in with Twitter, they may make some mistake, such as tweeting from the > > wrong account, and there could be privacy/security concerns about > > subsequent actions a user may perform while unknowingly logged in to > > Twitter. > > So one way to handle this from your side would be to just forget the > user's OAuth tokens. Your app will still appear "authorized" to the user > in the connections screen, which would be confusing, but your > application wouldn't be able to perform any operations on their behalf. > It might be useful to have a "destroy credentials" endpoint though, to > remove your app from the connections screen. > > D > > > On Aug 19, 4:20 pm, Taylor Singletary > > wrote: > >> The REST API is (mostly) stateless. There is no "logged in" to "log out." > > >> Are you wanting to ensure that the user has to enter their credentials in > >> again when presented with the OAuth flow? If not, what would you be > >> interested in doing this for? > > >> Taylor > > >> On Thu, Aug 19, 2010 at 6:50 AM, JTOne wrote: > >>> How i can logout using oauth or rest api of twitter? > >
Re: [twitter-dev] Re: How i can logout using oauth or rest api of twitter?
On 08/19/10 17:16, Ken wrote: > Taylor, I don't need this as much as some other developers but I think > I understand why they keep asking for this. > > Sure, our app is not "logged in". But many apps make the user log in > to Twitter in order to use the app. Then, when the user is done with > the app, they can't just logout and leave, we have to tell them to go > to Twitter.com and logout. This is embarrassing (unprofessional) and > potentially risky. If they don't understand that they are still logged > in with Twitter, they may make some mistake, such as tweeting from the > wrong account, and there could be privacy/security concerns about > subsequent actions a user may perform while unknowingly logged in to > Twitter. So one way to handle this from your side would be to just forget the user's OAuth tokens. Your app will still appear "authorized" to the user in the connections screen, which would be confusing, but your application wouldn't be able to perform any operations on their behalf. It might be useful to have a "destroy credentials" endpoint though, to remove your app from the connections screen. D > On Aug 19, 4:20 pm, Taylor Singletary > wrote: >> The REST API is (mostly) stateless. There is no "logged in" to "log out." >> >> Are you wanting to ensure that the user has to enter their credentials in >> again when presented with the OAuth flow? If not, what would you be >> interested in doing this for? >> >> Taylor >> >> On Thu, Aug 19, 2010 at 6:50 AM, JTOne wrote: >>> How i can logout using oauth or rest api of twitter? >>
[twitter-dev] Re: How i can logout using oauth or rest api of twitter?
Taylor, I don't need this as much as some other developers but I think I understand why they keep asking for this. Sure, our app is not "logged in". But many apps make the user log in to Twitter in order to use the app. Then, when the user is done with the app, they can't just logout and leave, we have to tell them to go to Twitter.com and logout. This is embarrassing (unprofessional) and potentially risky. If they don't understand that they are still logged in with Twitter, they may make some mistake, such as tweeting from the wrong account, and there could be privacy/security concerns about subsequent actions a user may perform while unknowingly logged in to Twitter. Let me turn the question around: why does Twitter not want this? Ken On Aug 19, 4:20 pm, Taylor Singletary wrote: > The REST API is (mostly) stateless. There is no "logged in" to "log out." > > Are you wanting to ensure that the user has to enter their credentials in > again when presented with the OAuth flow? If not, what would you be > interested in doing this for? > > Taylor > > On Thu, Aug 19, 2010 at 6:50 AM, JTOne wrote: > > How i can logout using oauth or rest api of twitter? > >