We are developing a website that uses the Twitter API. At current,
when a users gets onto our site, a login screen appears, prompting the
user to enter his/her twitter username and password. Our system/
website does http://twitter.com/account/verify_credentials.format
) to check if this is a valid user and if their password and username
match. If we get a '200' code then we log the user.

However, http://apiwiki.twitter.com/Rate-limiting says:
"The default rate limit for calls to the REST API is 150 requests per
hour. The REST API does account- and IP-based rate limiting.
Authenticated API calls are charged to the authenticating user's limit
while unauthenticated API calls are deducted from the calling IP
address' allotment."

Does this mean that we can only get 150 users requesting
http://twitter.com/account/verify_credentials.format at a given hour?

Are we doing our logon process correctly this way? Or should we
consider a better approach to this?

Reply via email to