[twitter-dev] Re: When is whitelisting necessary?
Thank you all, looks like I picked a tricky issue for my first question here. After reading all the threads I understand the behavior, although still a bit confused about the rational behind it. At least I am not the only one confused about it :) On Aug 16, 9:16 pm, Bill Kocik wrote: > I think the number of "So how does whitelisting really work?" threads > that have taken place, and continue to take place on this list > indicate a lack of clarity in documentation. Perhaps someone from > Twitter can take the task of updating the rate limiting docs to more > explicitly spell out how it actually works? > > Boaz - as the thread Srikanth referenced states, official word from > Twitter is that you get 20,000 calls per hour *per user* from your > whitelisted IP. (Of course, it's not that cut and dried - POSTs are > different than GETs are different than searches, but in a nutshell you > can expect to make 20,000 authenticated GETs per user per hour > regardless of how many simultaneous users are on your site if your IP > is whitelisted; they're not all sharing a single pool of 20,000 > requests.) > > I'll leave it to you to decide if you need that or not. Most apps that > are just acting as a client probably don't, but there are some edge > cases where it's useful. For a long time I had no intentions of having > Ambeur whitelisted, but now there's a feature I want to offer my users > that I'll need it for, so I've applied. > > And no, I'm not telling you what the feature is. ;) > > On Aug 16, 1:22 pm, srikanth reddy wrote: > > >http://groups.google.co.in/group/twitter-development-talk/browse_thre... > > > On Sun, Aug 16, 2009 at 7:37 PM, Sam Street wrote: > > > > Necessary, for example, if you use a particular account to notify your > > > users of a certain event (sending them notifications). Large apps with > > > high traffic might need to send over 150 alerts from the bot account > > > per hour. > > > > Im thinking it's also used for apps that try to deliver tweets in > > > 'realtime' by requesting the REST API very frequently rather than use > > > the streaming APIs. > > > > Perhaps it's also used to make multiple requests to /users/show via a > > > cronjob that makes sure all the user's of the site have an up to date > > > profile image and background image cached. (If a user changes their > > > profile picture on Twitter, your cached URL 404's) > > > > Anyway I've only used whitelisting for the first (notifying users when > > > they are tagged into photos - or when they are invited to events on > > > twappening.com) > > > > -Sam @sampiclihttp://twicli.com > > > > On Aug 16, 12:16 pm, boaz wrote: > > > > Hello, > > > > > I am new to Twitter API and I am trying to understand whether I should > > > > apply for whitelisting my application. The documentation says: > > > > "IP whitelisting takes precedence to account rate limits. GET requests > > > > from a whitelisted IP address made on a user's behalf will be deducted > > > > from the whitelisted IP's limit, not the users. Therefore, IP-based > > > > whitelisting is a best practice for applications that request many > > > > users' data." > > > > However if for example 200 users are accessing twitter through my > > > > application in one hour, and each access from my app to twitter is > > > > done with the relevant end user as the twitter authenticated user, I > > > > can do 200*150=3 API calls in one hours without whitelisting the > > > > IP address, which is more than the 2 I could do with whitelisting. > > > > Can anyone give a counter example where whitelisting is absolutely > > > > necessary? > > > > > Thank you, > > > > Boaz
[twitter-dev] Re: When is whitelisting necessary?
I think the number of "So how does whitelisting really work?" threads that have taken place, and continue to take place on this list indicate a lack of clarity in documentation. Perhaps someone from Twitter can take the task of updating the rate limiting docs to more explicitly spell out how it actually works? Boaz - as the thread Srikanth referenced states, official word from Twitter is that you get 20,000 calls per hour *per user* from your whitelisted IP. (Of course, it's not that cut and dried - POSTs are different than GETs are different than searches, but in a nutshell you can expect to make 20,000 authenticated GETs per user per hour regardless of how many simultaneous users are on your site if your IP is whitelisted; they're not all sharing a single pool of 20,000 requests.) I'll leave it to you to decide if you need that or not. Most apps that are just acting as a client probably don't, but there are some edge cases where it's useful. For a long time I had no intentions of having Ambeur whitelisted, but now there's a feature I want to offer my users that I'll need it for, so I've applied. And no, I'm not telling you what the feature is. ;) On Aug 16, 1:22 pm, srikanth reddy wrote: > http://groups.google.co.in/group/twitter-development-talk/browse_thre... > > On Sun, Aug 16, 2009 at 7:37 PM, Sam Street wrote: > > > Necessary, for example, if you use a particular account to notify your > > users of a certain event (sending them notifications). Large apps with > > high traffic might need to send over 150 alerts from the bot account > > per hour. > > > Im thinking it's also used for apps that try to deliver tweets in > > 'realtime' by requesting the REST API very frequently rather than use > > the streaming APIs. > > > Perhaps it's also used to make multiple requests to /users/show via a > > cronjob that makes sure all the user's of the site have an up to date > > profile image and background image cached. (If a user changes their > > profile picture on Twitter, your cached URL 404's) > > > Anyway I've only used whitelisting for the first (notifying users when > > they are tagged into photos - or when they are invited to events on > > twappening.com) > > > -Sam @sampiclihttp://twicli.com > > > On Aug 16, 12:16 pm, boaz wrote: > > > Hello, > > > > I am new to Twitter API and I am trying to understand whether I should > > > apply for whitelisting my application. The documentation says: > > > "IP whitelisting takes precedence to account rate limits. GET requests > > > from a whitelisted IP address made on a user's behalf will be deducted > > > from the whitelisted IP's limit, not the users. Therefore, IP-based > > > whitelisting is a best practice for applications that request many > > > users' data." > > > However if for example 200 users are accessing twitter through my > > > application in one hour, and each access from my app to twitter is > > > done with the relevant end user as the twitter authenticated user, I > > > can do 200*150=3 API calls in one hours without whitelisting the > > > IP address, which is more than the 2 I could do with whitelisting. > > > Can anyone give a counter example where whitelisting is absolutely > > > necessary? > > > > Thank you, > > > Boaz
[twitter-dev] Re: When is whitelisting necessary?
http://groups.google.co.in/group/twitter-development-talk/browse_thread/thread/e75daf87a23a0a61# On Sun, Aug 16, 2009 at 7:37 PM, Sam Street wrote: > > Necessary, for example, if you use a particular account to notify your > users of a certain event (sending them notifications). Large apps with > high traffic might need to send over 150 alerts from the bot account > per hour. > > Im thinking it's also used for apps that try to deliver tweets in > 'realtime' by requesting the REST API very frequently rather than use > the streaming APIs. > > Perhaps it's also used to make multiple requests to /users/show via a > cronjob that makes sure all the user's of the site have an up to date > profile image and background image cached. (If a user changes their > profile picture on Twitter, your cached URL 404's) > > Anyway I've only used whitelisting for the first (notifying users when > they are tagged into photos - or when they are invited to events on > twappening.com) > > -Sam @sampicli http://twicli.com > > On Aug 16, 12:16 pm, boaz wrote: > > Hello, > > > > I am new to Twitter API and I am trying to understand whether I should > > apply for whitelisting my application. The documentation says: > > "IP whitelisting takes precedence to account rate limits. GET requests > > from a whitelisted IP address made on a user's behalf will be deducted > > from the whitelisted IP's limit, not the users. Therefore, IP-based > > whitelisting is a best practice for applications that request many > > users' data." > > However if for example 200 users are accessing twitter through my > > application in one hour, and each access from my app to twitter is > > done with the relevant end user as the twitter authenticated user, I > > can do 200*150=3 API calls in one hours without whitelisting the > > IP address, which is more than the 2 I could do with whitelisting. > > Can anyone give a counter example where whitelisting is absolutely > > necessary? > > > > Thank you, > > Boaz >
[twitter-dev] Re: When is whitelisting necessary?
Necessary, for example, if you use a particular account to notify your users of a certain event (sending them notifications). Large apps with high traffic might need to send over 150 alerts from the bot account per hour. Im thinking it's also used for apps that try to deliver tweets in 'realtime' by requesting the REST API very frequently rather than use the streaming APIs. Perhaps it's also used to make multiple requests to /users/show via a cronjob that makes sure all the user's of the site have an up to date profile image and background image cached. (If a user changes their profile picture on Twitter, your cached URL 404's) Anyway I've only used whitelisting for the first (notifying users when they are tagged into photos - or when they are invited to events on twappening.com) -Sam @sampicli http://twicli.com On Aug 16, 12:16 pm, boaz wrote: > Hello, > > I am new to Twitter API and I am trying to understand whether I should > apply for whitelisting my application. The documentation says: > "IP whitelisting takes precedence to account rate limits. GET requests > from a whitelisted IP address made on a user's behalf will be deducted > from the whitelisted IP's limit, not the users. Therefore, IP-based > whitelisting is a best practice for applications that request many > users' data." > However if for example 200 users are accessing twitter through my > application in one hour, and each access from my app to twitter is > done with the relevant end user as the twitter authenticated user, I > can do 200*150=3 API calls in one hours without whitelisting the > IP address, which is more than the 2 I could do with whitelisting. > Can anyone give a counter example where whitelisting is absolutely > necessary? > > Thank you, > Boaz
