subject:"Re\: \[twitter\-dev\] Re\: Rapid access of social graph method results in account being locked\?"

Re: [twitter-dev] Re: Rapid access of social graph method results in account being locked?

2009-12-16 Thread Sal Conigliaro

Exactly. That's what I can't figure out.

I'm not passing any authentication info:

http://twitter.com/friends/ids.json?user_id=A
http://twitter.com/friends/ids.json?user_id=J
http://twitter.com/friends/ids.json?user_id=K ... etc

It appears that, afterward, any attempts to login from the same IP
(that I made the Social graph calls) fail (because the account is
locked). I spoke with Mark and one possible explanation is that when
you make the call without
providing proper authentication, they're treating it like a failed
attempt to login.

The locked account has IP lockout entries that match his last login IP
(which is the same one I'm making the social graph calls from). So the
suggestion was to use authenticated requests for the API.

On Wed, Dec 16, 2009 at 11:30 AM, Abraham Williams <4bra...@gmail.com> wrote:
> How does it pick which account to lock if the calls are
> unauthenticated? perhaps you are passing incorrect authentication instead?
> Abraham
>
> On Wed, Dec 16, 2009 at 09:08, Sal Conigliaro  wrote:
>>
>> It appears that repeated (unauthenticated) calls to the API lock out
>> the account.
>>
>> The workaround is to use authenticated credentials when querying the
>> API. It would be helpful if the API docs could be revised to reflect
>> this.
>>
>> Sal
>>
>> On Dec 13, 8:01 pm, Sal Conigliaro  wrote:
>> > Thanks Mark. I appreciate it.
>> >
>> > On Dec 13, 1:28 am, Mark McBride  wrote:
>> >
>> > > I'll check with our abuse team, but this looks odd.
>> >
>> > > On Sat, Dec 12, 2009 at 10:23 PM, Sal Conigliaro 
>> > > wrote:
>> > > > Hi there-
>> >
>> > > > I have an app that compares who you're following to your friends
>> > > > followers. To do this, I query
>> > > > ttp://twitter.com/friends/ids.json?user_id=X
>> > > > and compare that to my (saved) list of IDs.
>> >
>> > > > I noticed that if I make repeated (unauthenticated) queries to
>> > > >http://twitter.com/friends/ids.json?user_id=X(ie, I'm comparing my
>> > > > friends to friend A's friends, then to friend A's friend (B), then
>> > > > to
>> > > > friend B's friend (C)) that user_id X gets locked out (I get the
>> > > > "We've temporarily locked your account after too many failed
>> > > > attempts
>> > > > to sign in. Please chillax for a few, then try again." when trying
>> > > > to
>> > > > login to the website (or from a Twitter client).
>> >
>> > > > I'm guessing that the rapid, multiple queries look like abuse.
>> >
>> > > > I did notice, however, then if I make authenticated queries to the
>> > > > same API method, the account locking does *not* happen.
>> >
>> > > > Is this an anti-abuse method? Is my only option to use authenticated
>> > > > calls?
>> >
>> > > > Sal
>> >
>> > > --
>> > >    ---Mark
>> >
>> > >http://twitter.com/mccv
>
>
>
> --
> Abraham Williams | Awesome Lists | http://bit.ly/sprout608
> Project | Intersect | http://intersect.labs.poseurtech.com
> Hacker | http://abrah.am | http://twitter.com/abraham
> This email is: [ ] shareable [x] ask first [ ] private.
> Sent from Madison, WI, United States

Re: [twitter-dev] Re: Rapid access of social graph method results in account being locked?

2009-12-16 Thread Abraham Williams

How does it pick which account to lock if the calls are
unauthenticated? perhaps you are passing incorrect authentication instead?

Abraham

On Wed, Dec 16, 2009 at 09:08, Sal Conigliaro  wrote:

> It appears that repeated (unauthenticated) calls to the API lock out
> the account.
>
> The workaround is to use authenticated credentials when querying the
> API. It would be helpful if the API docs could be revised to reflect
> this.
>
> Sal
>
> On Dec 13, 8:01 pm, Sal Conigliaro  wrote:
> > Thanks Mark. I appreciate it.
> >
> > On Dec 13, 1:28 am, Mark McBride  wrote:
> >
> > > I'll check with our abuse team, but this looks odd.
> >
> > > On Sat, Dec 12, 2009 at 10:23 PM, Sal Conigliaro 
> wrote:
> > > > Hi there-
> >
> > > > I have an app that compares who you're following to your friends
> > > > followers. To do this, I query ttp://
> twitter.com/friends/ids.json?user_id=X
> > > > and compare that to my (saved) list of IDs.
> >
> > > > I noticed that if I make repeated (unauthenticated) queries to
> > > >http://twitter.com/friends/ids.json?user_id=X(ie, I'm comparing my
> > > > friends to friend A's friends, then to friend A's friend (B), then to
> > > > friend B's friend (C)) that user_id X gets locked out (I get the
> > > > "We've temporarily locked your account after too many failed attempts
> > > > to sign in. Please chillax for a few, then try again." when trying to
> > > > login to the website (or from a Twitter client).
> >
> > > > I'm guessing that the rapid, multiple queries look like abuse.
> >
> > > > I did notice, however, then if I make authenticated queries to the
> > > > same API method, the account locking does *not* happen.
> >
> > > > Is this an anti-abuse method? Is my only option to use authenticated
> > > > calls?
> >
> > > > Sal
> >
> > > --
> > >---Mark
> >
> > >http://twitter.com/mccv
>



-- 
Abraham Williams | Awesome Lists | http://bit.ly/sprout608
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Madison, WI, United States

Re: [twitter-dev] Re: Rapid access of social graph method results in account being locked?

Re: [twitter-dev] Re: Rapid access of social graph method results in account being locked?

2 matches

Site Navigation

Mail list logo

Footer information