Hi Raffi, What is the reason for no longer allowing the source parameter for Basic Auth desktop apps?
The issue is this: The policy is blatantly unfair. The current policy benefits some desktop apps that use Basic Auth while penalizing others. The policy should either remove the source parameter from all Basic Auth desktop apps or allow it for all. It's unfair and hurts a subset of devs while benefiting another subset. I can't believe there is still debate about whether the PIN workflow for *desktop* apps is better from a usability standpoint than simply using username/password. I'm looking forward to the adoption of the new browserless api that exchanges username/password for an access token. In addition, as you stated, you are currently working on a delegation method for integration with other apps. Since it isn't available yet, how can you penalize devs for not adopting it? In many ways, the Twitter api and documentation are quite nice. But this is one area where the company has gone far astray. This arbitrary and unfair policy feels punitive and ham-handed compared with the many well thought out aspects of the Twitter api. For my app, I've had many feature requests including people wanting their tweets to say 'from Itsy' rather than 'from web'. They don't understand why some apps do this and some don't. I've had exactly zero people asking for OAuth or anything like it. No one wants a more convoluted login procedure. They do want new apps to work like Tweetie, Twitterrific and the many other apps they are used to. Please reinstate the source parameter for Basic Auth desktop apps until OAuth for desktop is fully ready and a reasonable transition period has elapsed. The policy should be uniformly applied so that it's fair. Not allowing the source parameter isn't going to coerce devs who have thought through the legitimate issues with Twitter's current incomplete OAuth implementation. It just creates a situation where users and devs are hurt due to an arbitrary and unfair policy. Thank you. Sanjay itsyapp (at) gmail http://mowglii.com/itsy On Jan 11, 11:01 pm, Raffi Krikorian <ra...@twitter.com> wrote: > > As it stands, developers who have relatively new desktop apps are > > penalized by having updates from their app say 'from web'. Older Basic > > Auth desktop clients continue to enjoy a link back to the client web > > site with a 'from app' link. > > ... > > > I understand Twitter is trying to force people to use OAuth, but that > > won't happen in a meaningful way until OAuth is reliable, has a truly > > usable workflow (PIN method isn't it), and can work well with other > > services (Twitpic, yfrog, etc). We aren't there yet. > > i'm trying to gather use cases around OAuth to help it make sense for more > people to use it -- as it stands, we are not going to allow the source > parameter to be set in new applications unless they come from OAuth. so, > please help me out! > > is the reliability of OAuth an actual concern? do you have a suggestion as > to what you would like to see other than the PIN workflow? additionally, > we're actively working on a "delegation" method for integration with other > services. > > -- > Raffi Krikorian > Twitter Platform Teamhttp://twitter.com/raffi
