And again this discussion dies off... I really don't understand why Twitter
and most developers are so quiet about this. What's the plan for supporting
3rd party APIs via Oauth? Right now for those of us already exclusively
Oauth based on Twitter's recommendation, or for the rest of you in the near
future when basic auth is deprecated?

Sticking our heads in the sand isn't going to lead to an answer...

On 11/30/09 5:43 PM, "Dewald Pretorius" <> wrote:

> I know some people will kick my shins over this, but I would not
> recommend using Twitter OAuth (or Facebook Connect for that matter) as
> the primary mechanism for logins to your own site.
> Why would one expose your site to the stability, availability,
> temperament, and good graces of another service over which you have no
> control? If they are down, or for some reason they blocked you, your
> app is dead in the water (nobody can login), even if there is
> functionality that does not depend on API calls to the external
> service. You may have a lot of things cached so that your site can
> function even when Twitter OAuth is on the blink. That helps you
> nothing if you depend on Twitter OAuth for user logins to your site.
> On Nov 30, 9:03 pm, Michael Steuer <> wrote:
>> To all who are wondering about this - I raised this issue and some
>> suggestions a while back, got 1 response from Twitter, but when I asked the
>> dev community who else struggles with this, it was awfully silent (perhaps
>> people hoping Twitter would never deprecate basic auth)... See this thread:
>> 5632554444efcb
>> On 11/30/09 4:48 PM, "Brian Morearty" <> wrote:
>>> Thanks for asking. I was just wondering the same thing. :-)
>>> On Nov 30, 3:19 pm, "LeeS - @semel" <> wrote:
>>>> Here's the situation:
>>>> My app lets users OAuth via Twitter as their login.  Simple and
>>>> standard.
>>>> Now, I've created an API for my app.  I want other apps, say Twitter
>>>> clients, to be able to use my app, as if they are one of my app's
>>>> users.  What's the best way to let the user authorize that app to use
>>>> my app?  Do I have to implement OAuth myself, and then have the user
>>>> OAuth twice, once into my app and once into Twitter via my app to let
>>>> my app access Twitter?  That's a lot of screens for the user to go
>>>> through.
>>>> I'm curious how you'd handle this, and if there's a simpler solution.
>>>> Lee

Reply via email to