We have plans to support OAuth, but at the moment the Streaming API is mostly concerned with service integrations, so the password issue is far less of an issue there. Stay tuned.
-John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Wed, Feb 3, 2010 at 9:46 PM, Marc Mims <marc.m...@gmail.com> wrote: > * John Kalucki <jkalu...@gmail.com> [091030 06:41]: > > Currently the Streaming APIs are not intended for use by clients, but > > mostly for use by services. Therefore oauth is not yet supported. > > There's little need to pass an end-user's credentials on to the > > Streaming API as all data currently available is public. Rather, your > > service can request all required data on behalf of your end users with > > a single account. > > The Streaming API uses Basic Authentication over a non-encrypted > connection, only, right? This frightens me, a bit. Seems anyone with > the ability to sniff traffic on the hosting provider's network could > hijack my twitter account causing me no end of grief. > > Is there, or will there be, a more secure method of authentication for > the Streaming API? > > -Marc >