This is the current behavior, as far as I can tell. I just made a call to users/show to a public account (one which normally would not require authentication), but I used my username/password in the request. The rate-limit for my username decremented and the rate-limit for my IP did not.
Is this not what you see? -Chad On Thu, Oct 29, 2009 at 11:12 AM, Terry Jones <[email protected]> wrote: > > I just submitted a whitelisting request, along with a comment along the > following lines: > > I think it would be good if Twitter did API call accounting based on the > HTTP auth header whenever one is sent - even if the call itself does not > require auth. > > I'm at home right now and although my account (@terrycojones) is > whitelisted, my home IP is not. So while I can make a decent number of > authenticated calls, I can't do much with the app I'm trying to write as > it's making non-authenticated calls. The non-authenticated calls are > accounted for by IP. Even if my home IP were whitelisted, I'd be stuck if I > were in a hotel. > > The concrete suggestion is: to always do API call accounting based on the > passed auth details, and if no auth information is passed, then fall back > to IP-based accounting. > > That wouldn't change much and is backwards compatible. Auth requiring calls > would be just as they were. But in the case of non-auth requiring calls, > the developer would have the choice: send auth to get account based > accounting, don't send it to get IP based accounting. > > Terry >
