If you have a user's username and password, you can do OAuth without
user intervention. I did it using .Net to do screen-scraping for a
desktop application to get the PIN. I was able to do everything
necessary to get the access token without anything from the user other
than their username and password.

However, Twitter does not condone this and could/would blacklist an IP
if this process is used.

Ryan


On Oct 23, 2009, at 5:18 PM, Chris Babcock <cbabc...@kolonelpanic.org>
wrote:

>
> On Fri, 23 Oct 2009 16:32:25 -0400
> ryan alford <ryanalford...@gmail.com> wrote:
>
>> It is possible to do OAuth without user interaction if you have their
>> username and password, but this is frowned upon by Twitter and could
>> get your IP blacklisted.
>
> You do need user interaction to get initial approval for a token,
> after
> which you can reuse a token until it is revoked. There is a chance
> (Has
> this happened recently?) that a token may expire without obvious
> reason, but they are supposed to be reusable.
>
> There's no replacement for testing, which has been absent in my shop
> recently because of the churn on the API... which I'm hoping will be
> addressed by versioning.
>
> Chris Babcock

Reply via email to