Aral, Not sure how in-depth you've been following developments and announcements of the Twitter API, but come this June you will have no choice but to put ScotchGuard on your Ferrari's seats. In other words, come June timeframe, usage of OAuth will become mandatory and Basic Auth will be deprecated.
I'm sure Twitter is working on a more seamless mobile experience for their OAuth implementation. A lot of folks have already thrown their penalty flags onto the playing field over that issue. Dewald On Feb 1, 4:29 pm, Aral Balkan <aralbal...@gmail.com> wrote: > Raffi, > > Would you mind engaging me on this part of my email: > > I really don't understand Twitter's current strategy toward mobile and > > > desktop apps. Are you guys actually _trying_ to say to developers: "don't > > build new mobile/desktop apps because you won't be able to compete with > > existing ones?" > > What I mean by that is this: Existing desktop and mobile apps do _not_ have > > to use oAuth _and_ get to keep their source parameter. The source parameter > > is probably the best means of organic marketing a Twitter app could have. > > OTOH, since these apps aren't using oAuth they don't have to worry about > > giving their apps a UX handicap (try setting up multiple Twitter accounts in > > a mobile/desktop app with oAuth, or using picture upload services and > > delegating your token... there are problems that haven't been solved yet.) > > Even though oAuth is not ready for mobile/desktop, Twitter is penalizing > > mobile/desktop applications that don't use it for UX reasons by not letting > > them take advantage of the organic marketing provided by the source > > parameter. > > I find this hugely unfair. > > I would really love to have a comment on from you guys for the blog post I'm > writing: is Twitter actively discouraging the creation of new mobile and > desktop apps? > > Personally, I am _not_ going to implement oAuth in my mobile app. This is > not because I lack the skills to do so or an understanding of exactly how > oAuth works and what it brings to the table. It's because I will not > sacrifice the UX of my iPhone application by sending people to a barely > legible, unusable, and not-optimized-for-iPhone oAuth page on Twitter.com as > part of their flow (the other objections I listed – which are harder to > tackle than making a mobile-friendly version of the oAuth page, which I > cannot believe Twitter still hasn't done – do not apply to my application.) > > Sending a user to Twitter's oAuth page after having slaved over every pixel > in your iPhone app is like giving someone a ride in a Ferrari and then > throwing them in a mud puddle before pulling them back in for the remainder > of their ride. > > I _really_ hope you can reconsider this as I see no logic whatsoever behind > this policy. > > Regardless, my app goes to Apple tomorrow; source parameter or no. > > All the best, > Aral > > On Mon, Feb 1, 2010 at 8:14 PM, Raffi Krikorian <ra...@twitter.com> wrote: > > hey aral. > > > sorry you didn't get an e-mail back yet! however, like it has been > > mentioned before on the mailing list, documented on the faq on our wiki, > > etc., we're unfortunately not allowing new registrations of source > > parameters. sorry. > > > it too has been all over the list, but i'm actively taking comments, etc. > > on how we can try to improve the oauth experience - just drop me a line > > personally. > > > On Mon, Feb 1, 2010 at 12:04 PM, Aral Balkan <aralbal...@gmail.com> wrote: > > >> Dear Twitter peeps, > > >> I sent you an email 13 days ago to ask for a source parameter/token for > >> the mobile Twitter app that I'm developing for the iPhone. Since that time > >> I've had no response whatsoever to my email (which I'm including at the end > >> of this one). Not even a auto-response to say, "hey, we got your email – > >> we'll get back to you" or even, "no way, Jose!" > > >> I really don't understand Twitter's current strategy toward mobile and > >> desktop apps. Are you guys actually _trying_ to say to developers: "don't > >> build new mobile/desktop apps because you won't be able to compete with > >> existing ones?" > > >> What I mean by that is this: Existing desktop and mobile apps do _not_ > >> have to use oAuth _and_ get to keep their source parameter. The source > >> parameter is probably the best means of organic marketing a Twitter app > >> could have. OTOH, since these apps aren't using oAuth they don't have to > >> worry about giving their apps a UX handicap (try setting up multiple > >> Twitter > >> accounts in a mobile/desktop app with oAuth, or using picture upload > >> services and delegating your token... there are problems that haven't been > >> solved yet.) > > >> Even though oAuth is not ready for mobile/desktop, Twitter is penalizing > >> mobile/desktop applications that don't use it for UX reasons by not letting > >> them take advantage of the organic marketing provided by the source > >> parameter. > > >> I find this hugely unfair. > > >> As I stated in my original email, I will not sacrifice the UX of the app I > >> literally slaved over every pixel on due to this misguided policy. > > >> I would _really_ love it if someone from Twitter could look into this. The > >> message you are currently giving to mobile/desktop app developers is that > >> they shouldn't bother creating new Twitter apps because they will either > >> have a UX or marketing disadvantage when compared to existing apps. > >> Something tells me that's not the message you are trying to send out. > > >> I'm finishing off my app today and I'm hoping to submit it to the App > >> Store tomorrow. It would _really_ make my day if someone could get back to > >> me on this (hopefully with a token that I can use to set the source > >> parameter). > > >> It _is_ a really nifty little app and I really feel you guys are going to > >> love it. It is an app, furthermore, that could really benefit from having > >> the source parameter set. > > >> I apologize if any of ranting comes off as too strong: it's just that I'm > >> _really_ anal when it comes to the UX of the apps that I build. :) > > >> All the best, > >> Aral > >> PS. Really excited about Chirp + hope to see some of you there! :) > > >> * * * > > >> Original email, sent 13 days ago, follows: > > >> Hi guys, > > >> I've got a new iPhone app – one that I think you guys will find quite > >> original and fun – that I need to register the source parameter for. > >> However, my app doesn't use oAuth. > > >> As I stated earlier, it's a _mobile_ app. And currently oAuth on mobile is > >> a user experience nightmare and I've been slaving over the UX of this app > >> to > >> the point where I will not diminish it by implementing oAuth. I don't think > >> it does my app or Twitter any favors to do so. > > >> Mobile and desktop apps are not the same as web apps. They run in a > >> trusted context (the user's mobile phone or PC) and the decision to trust > >> the app or not is made when the app is installed. If the app is malicious, > >> the user has far worse issues to worry about than what it's going to do > >> with > >> their Twitter username and password (e.g., a desktop app could format their > >> hard-drive, etc.) I really feel that punishing mobile and desktop app > >> developers like this for not implementing a system that works like a charm > >> on the web but isn't suited to mobile/desktop is unjust. > > >> I'm very excited about this new app and I really hope that I can register > >> the source parameter for it even though I have made a UX decision to not > >> use > >> oAuth for it. I'm sure you'll agree when you see it that it is an app that > >> will cause quite a bit of interest and the source parameter will not only > >> benefit me but users who want to find the app that the tweets were authored > >> in. > > >> Thank you for your time and I hope I'll hear from you soon. > > >> All the best, > >> Aral > >> -- > >> Aral Balkan > >>http://aralbalkan.com > >>http://twitterformats.org > >>http://osflash.org > >>http://avitapp.com > > > -- > > Raffi Krikorian > > Twitter Platform Team > >http://twitter.com/raffi