If a Twitter user has authenticated my app, is it possible for me to view their email address?
>From what I can tell through the O'Reilly book and Google searches, the answer is currently "no" due to, I'm assuming, security concerns... But I can think of several reasons why the user may want to allow me to have this information. For example, they could use my app to set up email alerts for themselves that would be triggered by various events, or use it to send them compiled reports, etc. Being able to read their email address could be very useful, and I would love to have it as a feature in the API. Yes, I could also use it to send them spam, but that's why they should block my app if they don't trust me. People put their email address into forms all over the Internet all the time, probably hundreds of times per year, so it seems silly for me not to be able to read it even with the user's permission. One feature that should _definitely_ be removed, however, is the ability to _change_ the user's email addresss. For instance, if a person authorizes my app and I do this: $to->OAuthRequest('https://twitter.com/account/update_profile.xml', array('email' => 'iame...@hotmail.com'), 'POST'); then all I have to do is fill out the Forgotten Password form, check the confirmation code that gets sent to _my_ hotmail address, and then suddenly I've got full control over the poor user's account and the ability to spam all of their followers. Watch out, Ashton! I can't believe that the Twitter API permits this, but doesn't allow me to do something simple and useful like emailing the person a list of their followers. Am I missing something? Dave.