Hey Raffi,
I don't think these requests fall into "personal use" – they're requests by
Twitter app developers for their Twitter apps. It would go a long way for
Twitter to show that it cares for its developers if they didn't treat their
requests like requests from general users.
I've put in a "Tr
Raffi, thank you for the response, but it is disappointing. I have to
agree completely with Aral that these requests are not for "personal
use". Some of us have hundreds/thousands of users around the world who
use our apps as a means to participate on Twitter, and it is
ultimately those users who a
Ah, so Twitter wants to see a *registered* trademark number?
(As an aside: why do you hate your developers, Twitter?) :)
The thing is, a trademark does not _have to be_ registered to be a
trademark. Products get trademark protection automatically.
I guess if I don't hear back, I'll have the IP l
Raffi Krikorian wrote:
The term most frequently used for “delegator” is “relying party.”
What you call the service provider is most frequently called the
“identity provider.” What you call the consumer is usually called
the “subject.” See OpenID, InfoCard, and other similar
yeah - i hate to be the bearer of bad news.
On Thu, Feb 11, 2010 at 7:45 AM, Aral Balkan wrote:
> Ah, so Twitter wants to see a *registered* trademark number?
>
> (As an aside: why do you hate your developers, Twitter?) :)
>
> The thing is, a trademark does not _have to be_ registered to be a
>
>
> (I just don't get this impersonal "computer says NO" attitude towards
> developers. Is this just the corporate culture at Twitter or are you guys
> severely short-staffed? Thinking Twitter really needs to invest in developer
> relations. Maybe get someone whose job it is to handle developer rel
twitter only returns data back in its "geo" field if the tweet has been
explicitly geotagged.
search, however, attempts to use other signals to determine where the tweet
is, and will attempt to return "more" tweets when you use its "search"
parameter. it does not, however, expose those signals in
I just tweeted the developer advocate position.
Aral
On Thu, Feb 11, 2010 at 4:17 PM, Raffi Krikorian wrote:
> (I just don't get this impersonal "computer says NO" attitude towards
>> developers. Is this just the corporate culture at Twitter or are you guys
>> severely short-staffed? Thinking T
I'm just starting to develop a web-based Twitter api application (in
PHP), which should allow multiple users to tweet through the website.
I'm experienced developing websites with PHP, but I've never worked
with the Twitter API, and I see that the preferred authorization
method is with OAuth, which
On 2/11/2010 9:30 AM, Paul wrote:
My question at last is then, what are good practices for the 3rd party
site? Should the site request the user to reauthorize with Twitter
each& every time he/she comes to the site? Should the 3rd party site
have it's own login/username/password for users and
Aral,
I'm not sure where you get the idea that we don't care about developers and
that humans aren't involved in the process. Raffi and the rest of the
platform team actively respond to emails from developers at all hours of the
day on both weekdays and weekends.
As for the issue of handing over
That is similar to what we are doing at TweetPhoto and it is working
out fine.
Feel free to check out what we are doing:
http://groups.google.com/group/tweetphoto/web/oauth-signin
Third-party apps share with us their app's consumer key and secret.
We receive the same level of access to the thir
TweetPhoto now supports OAuth for photo sharing within third-party
applications.
http://groups.google.com/group/tweetphoto/web/authentication
Let me know if you have any questions whatsoever.
Sean
Ryan, I appreciate your response. I cannot speak for Aral but I can
tell you that it has been very frustrating for us. I have been pulled
along by Twitter support for the last month by being told that "we may
be able to transfer the username when..." and then later being
rejected on the basis of no
Hi Ryan,
My greatest issue with all this is that you appear to have a form response.
Currently, you're just not handling account transfers at all. And that's the
same policy for general users (of which you have gazillions) and developers
(of which you have an order of magnitude or two less).
The
This reminds me. Not so long ago, also over a form response, I hurled
my toys out of the cot so violently that I'm still searching for my
favorite rubber duck.
There should be a lesson in here somewhere.
And the lesson is: Form responses are good __only__ for the
shareholders.
On Feb 11, 5:38 pm
account/verify_credentials discloses information that is private. For
> example, the HTTP header of account_verify_credentials discloses information
> about how frequently the user accesses twitter (the rate limit headers). If
> the user hasn't previously authorized (via OAuth) the delegator (relyi
one potential option is to use "sign in with twitter" -
http://apiwiki.twitter.com/Sign-in-with-Twitter
you will get oauth tokens for the user (which you could store in your
database), and it means that you may not need to build a sign in mechanism.
On Thu, Feb 11, 2010 at 8:30 AM, Paul wrote:
Here's a hint for anyone who runs multiple concurrent processes, and
encounters those "401 invalid / used nonce" errors.
Calculate your nonce as:
md5(posix_getpid() . microtime() . mt_rand())
Raffi Krikorian wrote:
in general, i really like this mechanism. from just a usability
standpoint, however, it means that the consumer has to make a few
calls simply to perform one action -- they have to call Twitter and
then the service provider. on top of that, a real world example would
h
Aral,
Thanks for the thorough follow up. First of all we definitely care and we
try to show that as opposed to just saying it. The @username issue is a
really sticky one for us for a number of reasons. With that being said, I'm
going to meet with our team internally to review the process and see i
Thanks for sending this out.
I did want to send a note about having developers share consumer keys and
secrets with other applications. While we don't have an explicit policy yet
to block this we STRONGLY advise not to hand out your tokens to other
providers for a number of reasons. Most important
Hello all,
I have just ran into a strange behavior when retrieving the latest
tweet using statuses/user_timeline.
The following URL returns as expected my latest tweet:
http://twitter.com/statuses/user_timeline/cjoudrey.rss?count=1
However, when you change the output to JSON something very odd
h
I am a linguist at the University of Sydney currently studying the
language of microblogging. I would like to build a 100 million word
corpus of tweets. I am trying to determine the best way of collecting
such a corpus. Does Twitter make data available directly or is the
only method scraping tweets
Ah, ok.
i think i understand it now... ;-) thanks!
On 10 Feb., 16:12, ryan alford wrote:
> The user doesn't actually "create" their OAuth tokens manually. The tokens
> are created automatically by Twitter and given to you through responses
> after the user has given your application permission t
When I am sorting tweets, can I just do a simple sort DESC on
status_id instead of the creation date? I assume status_ids are
created sequentially going up so sorting on status_id would be more
efficient than trying to sort on the created_at field.
Hi John,
The app allows users to search different sources simultaneously, eg:
Twitter, YouTube, Flickr. The problem is that all the searches are
being made from our corporate network, using the same IP address.
Unfortunately, the Streaming API doesn't provide the search
functionality we need.
Tha
Hi,
We are building a twitter application which fetches lot of follower data of
particular user. Some users consume around 80,000 calls to complete the
task. So how can we use 4-5 whitelisted ip's to perform single task without
break. Is this possible? If so, how?
Eagerly looking for help from you
Hi,
Using a few dozen separate accounts, our app sends personal tweets to
all followers of @twisst.
Most of those accounts were suspended on Tuesday, I suppose because
some spam-catching algorithm marked them as spam. Fortunaly, after I
sent an e-mail to Twitter, they were soon unsuspended. The
The way I did it for my website is to store the tokens in a db and put
a custom persisting cookie on the user's browser. The user can 'sign-
off' removing the cookie and will have to authenticate with Twitter
next time she uses the protected functionality on my website. Or the
cookie can expire/be
Also check out LinqToTwitter, it includes a sample web application in
C#
On Feb 10, 10:33 pm, John Meyer wrote:
> On 2/10/2010 7:48 AM, Merrows wrote:> I am seeking someone skilled in .NET
> 3.5, C# to help with implementing
> > twitter oauth, and I would welcome any suggestions of how to find
>
Hello,
I have a bizarre issue with status/user_timeline.
When output is set to RSS, retweets appear in the output:
i.e. http://twitter.com/statuses/user_timeline/27691615.rss
However, if you set the output to JSON, retweets disapear:
http://twitter.com/statuses/user_timeline/27691615.json
Is
Thanks for the reply. Thats what I was thinking.
Would there be any way to return the location data of user with the
search results for a word?
So that I didn't need to make seperate calls for each user?
thanks so much for your help.
On Feb 12, 3:20 am, Raffi Krikorian wrote:
> twitter only re
Dear twitter dev.
anyone knows how to add an app to this little gray box on twitter main page?
is it paid or random?
any info would be appreciated.
another thing I would love to hear some feedback on an app I developed, it
is still in beta but any feedback would be great here is the URL
http://mutw
hi all.
this is a long overdue e-mail, but i wanted to tease out some of the
directions that Twitter is going with OAuth. i want to touch upon four
topics: delegation, OAuth WRAP/2.0, username/password OAuth token exchange,
and basic authentication deprecation.
*DELEGATION - OAuth Echo*
twitter
each user has a location field associated with it - but that is self
reported.
On Thu, Feb 11, 2010 at 2:17 PM, don wrote:
> Thanks for the reply. Thats what I was thinking.
>
> Would there be any way to return the location data of user with the
> search results for a word?
>
> So that I didn't
Take a look at the Streaming API:
http://apiwiki.twitter.com/Streaming-API-Documentation
It's very easy to make a simple collection client to pull the
statuses/sample stream and gather a decent sample of all the tweets.
Tell your programmer to hop on the list and ask any questions that come
up...
On Wed, Feb 10, 2010 at 1:39 PM, Brian Smith wrote:
> The subject does not want just **anybody** to verify his identity; he only
> wants the **relying party** to be able to verify his identity.
>
If I understand correctly, a URL signed using OAuth can be accessed
successfully only once, because
>
> The subject does not want just **anybody** to verify his identity; he only
>> wants the **relying party** to be able to verify his identity.
>>
> If I understand correctly, a URL signed using OAuth can be accessed
> successfully only once, because of the oauth-nonce parameter. Or atleast, it
>
Talking xAuth, hope mobile apps count as 'applications except web
applications'
yup - they do :)
On Thu, Feb 11, 2010 at 8:12 PM, kehers wrote:
> Talking xAuth, hope mobile apps count as 'applications except web
> applications'
>
--
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi
> > Talking xAuth, hope mobile apps count as 'applications except web
> > applications'
>
> yup - they do :)
Already signed up (I think) for u/p -> OAuth Token. WRAPped, even better.
--
personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Sy
With the sample stream I got roughly an average of 10 tweets/sec
and roughly 11 words/tweet, but take in count you get the tweets
in multiple languages.
Regards,
Rolando Espinoza La fuente
www.rolandoespinoza.info
On Thu, Feb 11, 2010 at 11:23 PM, Michael Ivey wrote:
> Take a look at the Stre
He specifically states the possibility for mobile apps to use xAuth.
Ryan
Sent from my DROID
On Feb 11, 2010 11:27 PM, "kehers" wrote:
Talking xAuth, hope mobile apps count as 'applications except web
applications'
On 02/10/2010 10:03 PM, mzap wrote:
> I am a linguist at the University of Sydney currently studying the
> language of microblogging. I would like to build a 100 million word
> corpus of tweets. I am trying to determine the best way of collecting
> such a corpus. Does Twitter make data available di
This is good news. This has taken ages to solve though. We came up
with a solution at Tipjoy, told everyone about it, but no one
bothered. Clients are largely to blame for the continued commonness of
asking for passwords:
http://tipjoy.com/api/#authentication
Ivan
http://kirigin.com
On Feb 11, 8
Hi all,
This could be a long email.
I read Raffi's post today,the original post is here:
https://groups.google.com/group/twitter-development-talk/browse_thread/thread/c2c4963061422f28
I think the abandon of HTTP basic auth would be a disaster for all
Chinese twitter users.
The gov of China runs
Wouldn't a regular HTTPS proxy be sufficient?
On Fri, Feb 12, 2010 at 11:00 AM, yegle wrote:
> Hi all,
> This could be a long email.
>
> I read Raffi's post today,the original post is here:
>
> https://groups.google.com/group/twitter-development-talk/browse_thread/thread/c2c4963061422f28
>
> I t
Yes, but not all clients support HTTPS proxy, especially mobile
clients.
On Feb 12, 1:39 pm, Harshad RJ wrote:
> Wouldn't a regular HTTPS proxy be sufficient?
>
>
>
>
>
>
>
>
>
> On Fri, Feb 12, 2010 at 11:00 AM, yegle wrote:
> > Hi all,
> > This could be a long email.
>
> > I read Raffi's post
Made me realise that my app (tDash) should be using HTTPS for all API calls.
Just made a new release now.
Hoping that helps users behind a firewall.
On Fri, Feb 12, 2010 at 11:12 AM, yegle wrote:
> Yes, but not all clients support HTTPS proxy, especially mobile
> clients.
>
> On Feb 12, 1:39 p
Nope, it doesn't work :-(
All DNS queries to twitter.com inside China is poisoned and all
twitter's available IP is blocked.
Anyway, HTTPS should be enabled or at least provide an option :-)
On Feb 12, 2:38 pm, Harshad RJ wrote:
> Made me realise that my app (tDash) should be using HTTPS for all
On Fri, Feb 12, 2010 at 12:17 PM, yegle wrote:
> Nope, it doesn't work :-(
> All DNS queries to twitter.com inside China is poisoned and all
> twitter's available IP is blocked.
>
Ah, I hadn't implemented for the OAuth authorization page. Just done.
(Sorry for the spam, list. Last mail on the
This is going to be tough with cursors. Parallel fetch has been well-aired
on the list, and the demand is well-understood within Twitter.
-John Kalucki
http://twitter.com/jkalucki
Infrastructure, Twitter Inc.
On Thu, Feb 11, 2010 at 7:07 AM, Rushikesh Bhanage
wrote:
> Hi,
>
> We are building a
yegle wrote:
Basically, a API proxy script works as a middleman between twitter and
twitter client, little like man-in-the-middle attack.It's possible to
do this if the authentication is made in HTTP basic auth.But there is
no way to do the same thing with OAuth. The base string of an OAuth
reque
In short, today, yes. Soon, no, but it might not matter.
At the moment, status ids are strictly increasing. We can't keep generating
status ids from a single critical section forever though -- at some point
soon we'll have a loosely-coupled distributed id generation system and ids
will be k-sorted
Hi Brian,
Thank you, I just noticed the new OAuth specification.
I'll read the specification first and see if there is any workaround
available :-)
On Feb 12, 5:40 pm, Brian Smith wrote:
> yegle wrote:
> > Basically, a API proxy script works as a middleman between twitter and
> > twitter client,
56 matches
Mail list logo