Thank you so much Taylor. Can you believe that nowhere in the Twitter API documentation can I find this crucial, yet very simple instruction. There are ample pointers to explanations of how to get OAuth token, but absolutely no instructions I can find for what to do once you obtain the token key and secret.
I tried very permutation of posting them along with the twitter REST calls, but the one you suggested of posting the secrets as parameters without values. This single line instruction needs to be added to the Twitter API documentation. BTW: The php equivalent of url_escaped ()is urlencode(). Thanks much. On Mar 7, 6:53 pm, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > A lot of people have found my presentation on OAuth useful when trying > to learn the ins and outs of the entire request cycle with an OAuth- > protected API:http://bit.ly/oauth-zero-to-hero > > When accessing a protected resource with OAuth, the oauth_token and > oauth_token_secret you receive become your "access token". You include > oauth_token as an OAuth parameter in your signature base string and > authorization header, and then sign your entire OAuth request with a > composite signing secret: > > {url_escaped(consumer_secret)}&{url_escaped(oauth_token_secret)} > > Taylor > > On Mar 6, 2:55 pm, IDOLpeeps <i...@idolpeeps.com> wrote: > > > I've overcome the nuances of generating the oauth signature. It > > shocks me that the API documentation provides no clear indication of > > how to send the tokens along with an API call. It's not even a PHP- > > specific question. Simply put: Where do the "oauth_token" and > > "oauth_token_secret" get embedded in API call: As posted parameters? > > If so, with what parameter names? Can anybody provide guidance? I > > have seen many people ask this question, yet see no answer. > > > As far as why one would want to use their own library vs. somebody > > else's, that's a question for the ages. One specific answer is that > > many of us have created our own application-specific libraries that > > accommodate traditional http authentication and we'd like to keep our > > libraries when we add Oauth. To do so, it's best to have an answer to > > this question. > > > Thank you.
