Oauth/authenticate was added later and I guess the application detail page
was never updated.
Abraham
On Tue, Jan 19, 2010 at 17:29, eco_bach wrote:
> yeah thanks
> Just curious why that isn't displayed as an option in my Application
> details page...
> Might cause some confusion for anyone who
yeah thanks
Just curious why that isn't displayed as an option in my Application
details page...
Might cause some confusion for anyone who hasn't read the wiki in
detail.
Thanks Ryan
On Jan 17, 5:38 pm, ryan alford wrote:
> 1. Desktop applications are those that are installed or ran from a PC
> /Mac/Linux or on a mobile device. They are outside of the browser.
>
> 2. One is used for web applications, the other is for desktop applications.
>
> 3. You are correct.
Hi --
Auto following is discouraged. However if your app relies on the user
following your account, you should clearly state well ahead of the
auto follow action what relationship changes will occur to the user's
account.
Thanks,
Doug
Sent from my mobile.
On Aug 15, 2009, at 12:07 PM, b
On Thu, 6 Aug 2009 08:50:05 -0700 (PDT)
Dewald Pretorius wrote:
> If I understand you correctly, you're saying one should login for the
> user in the OAuth process? Wouldn't that involve scraping the Twitter
> web interface? Or am I outside the ballpark with my understanding?
I'm saying that, f
> Some users aren't comfortable giving their Twitter password to another
> website. For them, it's sort of a good thing to be sent to Twitter's
I would hazard a guess that they really are the long tail. Only a
small percentage of people would care, most would not but they are
going to be penalize
Chris,
If I understand you correctly, you're saying one should login for the
user in the OAuth process? Wouldn't that involve scraping the Twitter
web interface? Or am I outside the ballpark with my understanding?
Dewald
On Aug 6, 10:36 am, Chris Babcock wrote:
> On Thu, 6 Aug 2009 05:09:48 -0
Some users aren't comfortable giving their Twitter password to another
website. For them, it's sort of a good thing to be sent to Twitter's
UI to authenticate; it builds confidence that their credentials won't
be abused. I'm looking for a sweet spot, where the user knows Twitter
is participating
On Thu, 6 Aug 2009 05:09:48 -0700 (PDT)
Dewald Pretorius wrote:
> Amen to that.
>
> When one does customer support for long enough, you quickly realize
> that:
>
> a) People do not read instructions, and
>
> b) Many people are not as computer literate as you'd wish them to be.
>
> If you send
It's a subtle distinction: users aim to use the application, not the
Twitter website. They expect Twitter to ask for their permission, but
they don't expect to start using the Twitter website. So they're a
little surprised when Twitter asks them to log in. The page doesn't
make it clear that th
Jesse,
Amen to that.
When one does customer support for long enough, you quickly realize
that:
a) People do not read instructions, and
b) Many people are not as computer literate as you'd wish them to be.
If you send people all over the place, many go, "WTF," and abandon the
process out of fe
On Wed, Aug 5, 2009 at 7:32 AM, Duane Roelands wrote:
>
> If your users don't understand why they're seeing the Twitter login
> screen, then your application needs to do a better job of explaining
> it.
>
Duane I don't think this has anything to do with that. Having worked on
e-commerce sites for
If your users don't understand why they're seeing the Twitter login
screen, then your application needs to do a better job of explaining
it.
On Aug 4, 2:05 pm, John Kristian wrote:
> a user who's focused on the application won't see the
> first page and wonder, "Why must I log in to Twitter? I
I would agree, this area needs some TLC as my post suggested:
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/0f57965561504a1c?hl=en
The pin is only required to exchange the request token for the access token.
After you have an access token the pin is useless.
Abraham
On Mon, Jul 20, 2009 at 07:06, srikanth yaradla
wrote:
>
> What about the pin?(for desktop clients) How long will it be
> accessible.
>
> Regards
> Srikanth
>
>
What about the pin?(for desktop clients) How long will it be
accessible.
Regards
Srikanth
On Jul 20, 4:24 pm, Mandakini kumari wrote:
> Hi
>
> No it will not expired/ invalid you can store it in DB or cookie
>
>
>
> On Mon, Jul 20, 2009 at 4:33 PM, CG wrote:
>
> > Hi all, I have a newbie que
What about the pin?(for desktop clients) How long will it be accessible.
Regards
Srikanth
On Mon, Jul 20, 2009 at 4:54 PM, Mandakini kumari wrote:
> Hi
>
> No it will not expired/ invalid you can store it in DB or cookie
>
>
>
>
>
> On Mon, Jul 20, 2009 at 4:33 PM, CG wrote:
>
>>
>> Hi all, I
Hi
No it will not expired/ invalid you can store it in DB or cookie
On Mon, Jul 20, 2009 at 4:33 PM, CG wrote:
>
> Hi all, I have a newbie question would like to seek the confirmation
> from experienced twitter app developer ... hopefully somebody can
> help .
>
>
> I would like to develop
On Sun, Jul 12, 2009 at 11:27 PM, Wynn
Netherland wrote:
> If you want to give your users the ability to use multiple twitter accounts
> with your service, Authorize allows them a chance to switch accounts during
> the login flow. We consciously do that on a couple of our apps.
Bingo. ditto my ap
If you want to give your users the ability to use multiple twitter accounts
with your service, Authorize allows them a chance to switch accounts during
the login flow. We consciously do that on a couple of our apps.
On Sun, Jul 12, 2009 at 10:02 PM, Abraham Williams <4bra...@gmail.com>wrote:
>
>
On Sun, Jul 12, 2009 at 20:54, Scott Carter wrote:
>
>
> I am using as a reference the Sign in with Twitter documentation at:
> http://apiwiki.twitter.com/Sign-in-with-Twitter
>
> When I issue an authenticate call to:
> https://twitter.com/oauth/authenticate?oauth_token=
>
> The callback I get is:
Hi Romeo,
In order to make 'Sign in with Twitter' secure we do indeed now
return the request token, and you can then exchange that for an access
token. There is a ticket in place [1] to update the documentation to
match.
Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
[1] - ht
Hi all,
So it looks like that the token being returned to the callback from
oauth/authenticate is now the same request token we sent. Can someone
please confirm this? This is the last message I found on the topic.
If this is the case, how are we supposed to proceed? Should we
exchange the reques
Thanks Doug. It might help users to also post a link to the blog entry
as it explains the code and flow.
On May 1, 10:00 am, Doug Williams wrote:
> Adding this to the wiki. Thanks for sharing!
>
> Thanks,
> Doug
> --
>
> Doug Williams
> Twitter Platform Supporthttp://twitter.com/dougw
>
> On Fri
Adding this to the wiki. Thanks for sharing!
Thanks,
Doug
--
Doug Williams
Twitter Platform Support
http://twitter.com/dougw
On Fri, May 1, 2009 at 12:54 AM, jmathai wrote:
>
> Did a quick write up on using PHP to sign in to Twitter.
>
> Working Example: http://www.jaisenmathai.com/sign_in_
Was there an announcement that this was going down? I'm seeing "This feature
is temporarily disabled" as well.
Jesse
On Sun, Apr 19, 2009 at 4:05 AM, Rore wrote:
>
> Any idea when authenticate url will work again?
>
>
> On Apr 17, 4:31 pm, Matt Sanford wrote:
> > Hi all,
> >
> > This behav
Any idea when authenticate url will work again?
On Apr 17, 4:31 pm, Matt Sanford wrote:
> Hi all,
>
> This behavior (i.e. which token is returned) is likely to change
> soon. Once again, stay tuned for updates.
>
> — Matt
>
> On Apr 17, 2009, at 01:02 AM, Abraham Williams wrote:
>
> > Th
It would be nice to support applications that merely authenticate,
never authorize. That is, they don't ask for permission to access
Twitter on the user's behalf. Such an application would never direct
a user to /oauth/authorize, and thus would never get a token secret
from the authorization flo
Hi all,
This behavior (i.e. which token is returned) is likely to change
soon. Once again, stay tuned for updates.
— Matt
On Apr 17, 2009, at 01:02 AM, Abraham Williams wrote:
The oauth_token returned from oauth/authenticate is the key from the
users access tokens. as long as you stor
The oauth_token returned from oauth/authenticate is the key from the users
access tokens. as long as you store the access tokens you can match the
returned oauth_token with what is in your database.
On Fri, Apr 17, 2009 at 01:35, John Kristian wrote:
>
> I'm having trouble using /oauth/authentic
I'm having trouble using /oauth/authenticate, too. After
authenticating, Twitter redirects back to my consumer with a different
oauth_token than the one I sent to initiate authentication. Twitter
APIs don't accept either token. Sending the original request token
to /oauth/access_token elicits H
It just dawned on me: it looks like /oauth/authenticate is designed to
merely deliver a user's ID and screen_name to a application, not to
authorize the application to access Twitter on the user's behalf. Is
that so?
A suggestion: treat the user ID and screen_name as a resource that's
protected
An idea is to have the oauth/authorize page display login/don't login
instead of accept/deny if the user has already approved the application.
On Thu, Apr 16, 2009 at 16:29, djMax wrote:
>
> Did this stop working? All of the sudden I'm getting 500 server
> errors back. Was working ok 15 minute
Did this stop working? All of the sudden I'm getting 500 server
errors back. Was working ok 15 minutes ago.
On Apr 16, 12:52 pm, Doug Williams wrote:
> Matt has deployed our answer for one click login. It requires only a small
> change to the normal Twitter OAuth workflow and is documented her
Allen,
OAuth is the third-party authorization protocol that we have decided to
embrace. You can search the group's archives [1] for past discussion on
OpenID and the Twitter API.
1.
http://groups.google.com/group/twitter-development-talk/search?group=twitter-development-talk&q=openid&qt_g=Search+t
Hello again,
We've discussed OpenID but adding it is not something we can do
in the near-term. With OAuth just out the door we felt like this was a
better user experience than have to continually re-display the Accept/
Deny dialog. I'm looking into a few issues raised in this thread that
On Apr 16, 9:52 am, Doug Williams wrote:
> Matt has deployed our answer for one click login. It requires only a small
> change to the normal Twitter OAuth workflow and is documented here:
>
> http://apiwiki.twitter.com/Sign-in-with-Twitter
>
> This is the perfect tool for web applications wanting
On 4/16/09 2:33 PM, Matt Sanford wrote:
The initial token required is a RequestToken rather than an
AccessToken. Making the request for the RequestToken requires you know
the consumer key/secret and (a) let's us know what application this is
for (callback_url alone would not) and (b) preven
Awesome this will definitely improve the process. In particular the
users will only have to face the question of "Deny or Allow" access
only once.
The only problem I foresee is if multiple users use the same computer.
This way if USERA is already signed in to Twitter and USERB attempts
to log int
Zac,
Matt and I agree there is value here. I've opened Issue 469 [1] to track
this enhancement.
1. http://code.google.com/p/twitter-api/issues/detail?id=469
Doug Williams
Twitter API Support
http://twitter.com/dougw
On Thu, Apr 16, 2009 at 11:48 AM, Dossy Shiobara wrote:
>
> On 4/16/09 2:33 P
On 4/16/09 2:37 PM, Abraham Williams wrote:
I'm not quite sure what you mean by this. Oauth/authenticate works
pretty much exactly the same as oauth/authorize but uses a different
path and may not require any action by the user if they have previously
authorized.
How do you know which oauth_to
On 4/16/09 2:33 PM, Matt Sanford wrote:
The initial token required is a RequestToken rather than an AccessToken.
Making the request for the RequestToken requires you know the consumer
key/secret and (a) let's us know what application this is for
(callback_url alone would not) and (b) prevent the
On Thu, Apr 16, 2009 at 13:26, Dossy Shiobara wrote:
>
> On 4/16/09 12:55 PM, Doug Williams wrote:
>
>> Related: More OAuth documentation is to come throughout the day so
>> some of the links will be broken. It's a glaring omission in the
>> documentation.
>>
>> Let's use this thread to fill the
Hi Dossy,
The initial token required is a RequestToken rather than an
AccessToken. Making the request for the RequestToken requires you know
the consumer key/secret and (a) let's us know what application this is
for (callback_url alone would not) and (b) prevent the token-shooting
met
On 4/16/09 12:55 PM, Doug Williams wrote:
Related: More OAuth documentation is to come throughout the day so
some of the links will be broken. It's a glaring omission in the
documentation.
Let's use this thread to fill the holes people find while implementing
Sign in with Twitter for the time b
That is why there are 2 methods:
1) Authorize that always displays prompt on Twitter.
2) Authenticate that shows nothing if already signed in and authorized.
Use them based on your needs.
Something to keep in mind that OAuth is not designed for identity
authentication. It is designed for data aut
Sorry, a little confused by your email. :-)
It's really not directly related to "twitter sign-on" directly but
with OAuth authentication in general that doesn't force the user to
authenticate each time.
The problem is with all OAuth providers that shortcut the process of
associating and granting
Ivan, that doesn't solve the original problem of getting those
accounts authenticated.
Zac, you should just use the /oauth/authorize link instead. the
/oauth/authenticate link is what will do the auto-redirect.
-Chad
On Thu, Apr 16, 2009 at 1:45 PM, Ivan Kirigin wrote:
>
> Zac, this can be sol
Zac, this can be solved just be properly modeling user accounts and
twitter accounts.
It should be one-to-many. Signing in with any of their twitter
accounts can sign in that user.
Let me know if that doesn't address your problem.
Ivan
http://tipjoy.com
On Apr 16, 1:18 pm, Zac Bowling wrote:
Hi Doug,
There is a use case that sort of sucks when you don't force the user
to authenticate each time, and thats when a your application supports
multiple twitter accounts. Its nice to shortcut authenticating because
it removes a step for the end user, but it sucks when you are trying
to associ
Related: More OAuth documentation is to come throughout the day so
some of the links will be broken. It's a glaring omission in the
documentation.
Let's use this thread to fill the holes people find while implementing
Sign in with Twitter for the time being.
Cheers,
Doug Williams
Twitter API Sup
51 matches
Mail list logo