Thanks Doug. I'm anxiously looking forward to the answer to that question -
it will make things much better for those of us running scripts on the
backend who want to verify when our users have changed their passwords with
Twitter so we can notify them to change with us as well.
I understand this week's  circumstances, but it isn't the first time this
has happened.  The more notice Twitter can give us on any change you make,
especially with limits, the better - my entire weekend was spoiled (and I'm
visiting my parents in Boston) trying to re-factor code because of this.  Is
there any way Twitter can consider doing what Facebook is doing and release
new changes into a beta environment for a week before it goes live?  That
would at least ensure we always have a week to test our changes, regardless
of notice.  The less surprise, the better, IMHO.

I hope this sounds constructive, more than critical - it is intended to help
improve, rather than just troll or criticize.  I hope it is taken as such.


On Mon, Jul 20, 2009 at 1:23 PM, Doug Williams <> wrote:

> All,
> This change was thrown out on the pipeline rather quickly. We admittedly
> should have done a better job voicing this rollout well in advance though it
> was not a normal week at HQ for a number of very public and private reasons.
> Users are now limited to 15 calls to account/verify_credentials per hour.
> We have not received an abundant number of emails stating that these limits
> are causing problems. This is not to say that there are cases where this is
> inconvenient, but in aggregate very few developers have contacted me with
> issues. If you feel that 15 requests per hour per user is too low, please
> help us update this policy and share details of your use case.
> Chad, et. al, I will follow up with the answer to your question (if this
> limit affects calls to the method with correct credentials) when I have a
> moment to speak with Alex.
> Thanks,
> Doug
> On Sat, Jul 18, 2009 at 5:43 PM, Jesse Stay <> wrote:
>> Yeah, to tell you the truth the no notice thing has completely ruined my
>> weekend trying to re-factor broken production code thanks to this.
>> Jesse
>> On Sat, Jul 18, 2009 at 4:46 AM, Swaroop <> wrote:
>>> This is occurring with OAuth as well. verify_credentials is now being
>>> limited to 15 calls/hour. I really wish they had informed us in
>>> advance, at least not a day before weekend.
>>> On Jul 18, 11:07 am, Jesse Stay <> wrote:
>>> > I asked the same thing of Alex - waiting to hear back. This method is
>>> still
>>> > very useful for verifying users haven't changed their passwords since
>>> the
>>> > last time the script was run.  Also, in Alex's own words, OAuth isn't
>>> ready
>>> > for production yet, last I heard so probably shouldn't go that route
>>> either
>>> > (or is it?).
>>> > Jesse
>>> >
>>> > On Sat, Jul 18, 2009 at 1:37 AM, J.D. <>
>>> wrote:
>>> >
>>> > > I can see why this api should be limited, but it seems (from the
>>> > > outside, I'm sure maybe there are other reasons) like if the
>>> > > credentials are correct, it shouldn't count against the limit. Only
>>> > > limit if the attempts are bad (someone is fishing).
>>> >
>>> > > J.D.

Reply via email to