Naveen, Authentication for third-party services will be handled and serviced on Twitter by the user on twitter.com. A user will grant permission to applications to access and edit a specified subset of their account artifacts. Therefore, if a user wants to allow your third-party service long-term access to their data, he would simply give you permission on Twitter.
The about OAuth section here: http://oauth.net/about for more understanding has a great high-level analogy. @dougw On Feb 3, 1:52 pm, Naveen <[email protected]> wrote: > Hi Doug, > > The second part of your response was very encouraging so I just wanted > to confirm it again :-) > > Are you saying "Yes" to how twitter's Oauth implementation will work? > or are you saying "It would be nice to be able to do it" and therefore > hope that twitter would do so? > > If it is the former, can you shed some light on how a third party > website will be able to get long term user-specific credentials from > twitter? > > Best and thnx > > Naveen > > On Feb 2, 9:31 pm, dougw <[email protected]> wrote: > > > Naveen, > > Storing user credentials is never ideal but with basic auth, > > applications that want to make occasional calls to the API must retain > > a local copy of the credentials. Each request to a credential- > > protected API method requires credentials for authentication. > > Obviously this is not ideal, but the current API model is session- > > less. > > > Your second question is yes. It will be nice, won't it? > > > @dougw > > > On Feb 2, 11:52 am, Naveen <[email protected]> wrote: > > > > I have some basic questions (I am still learning this world) regarding > > > fetching another user's timeline... > > > > 1. If basic authentication is a must to get the feed for "protected > > > updates", then does that mean that a third party website that purports > > > to fetch a user's timeline needs to store the user's id and password > > > to repeatedly provide these parameters as part of basic auth while > > > fetching the timeline? Is that what sites such as friendfeed do? Or is > > > there a way to perform a one time login and then somehow use a user > > > specific credential on a long term basis? > > > > 2. When twitter moves to using oauth, will there be a way for other > > > friend > > > networks to continuously be able to fetch a twitter user's feed after > > > first time Oauth based authorization by using the user specific token > > > on a long-term basis? > > > > Naveen- Hide quoted text - > > > - Show quoted text -
