Raffi,
I see your and Abraham's point. From that perspective I agree
regarding 2.
On Feb 9, 11:09 pm, Raffi Krikorian wrote:
> > 2) There should be a call my system can make to remove the app from
> >> the user's connections, typically in the case where the user deletes
> >> his account from my
The API is already kicking back a 401 when you try to use tokens that
have been revoked. But despite that, I'd prefer not to have to make
unnecessary API calls, and hope for the best that the 401 actually
means revoked tokens as opposed to the Twitter system stepping on its
own shoelaces, or my OAu
Could #1 be satisfied by an appropriate error message from the API
when you try to do something with an oAuth’d account?
How is it an invasion of privacy? Are you concerned that an app
developer will experience bouts of deep depression every time someone
removes his/her app, and fire up his chainsaw?
On Feb 9, 5:28 pm, John Meyer wrote:
> Is this really necessary? Unless you're web site does some sort of
> automat
Is this really necessary? Unless you're web site does some sort of
automated action when the user is there I would think this is a little
unnecessary (and somewhat an invasion of privacy).
On 2/9/2010 1:52 PM, Dewald Pretorius wrote:
Ryan,
Re 1)
It will probably work best if one can enter a
Ryan,
Re 1)
It will probably work best if one can enter a separate URL where the
revoked callbacks must be sent. This will also require some type of
call authentication method, so that some joker can't figure out one's
callback URL and send you a bunch of fake revokes and cause you to
incorrectly