Would it be best to field these questions to Twitter API team? Thought they were pretty common. No?
On Apr 15, 9:21 pm, YCBM <youcannotb...@gmail.com> wrote: > Would appreciate any feedback or thoughts on this. > > On Apr 13, 3:03 pm, YCBM <youcannotb...@gmail.com> wrote: > > > > > Ok, so I'm a bit out of the loop so I've been doing a lot of catching > > up on oAuth Echo starting > > withhttp://groups.google.com/group/twitter-development-talk/browse_thread.... > > > Scenario is large number of Twitter clients accessing media upload api > > for our site service along with end-users sharing via browser. > > > I understand June 2010 is the cutoff for basic auth. Some sites may > > be provided with xAuth on a limited basis in regards to "moving > > everybody off basic authentication, we originally envisioned this as a > > mechanism for developers to exchange all the username > > and passwords they have in their databases for OAuth tokens en masse." > > > Still trying to wrap my head around oAuth Echo. From what I > > understand, delegation from a Twitter app like TweetDeck (for example) > > would pass its oAuth access tokens to our site to pass to Twitter. > > > A few questions: > > > - xAuth seems straight-forward if granted temporary access. I assume > > these tokens are the same as if the end-user went through the normal > > oAuth process in a browser? New users to the 3rd party web site would > > be using oAuth. > > > - Typically if a user is sharing a media file through our site and > > they are NOT registered (no account in our system) and have never > > logged in using oAuth on our site, we create an account for them. Can > > we store the access tokens from an external app when we create their > > account? If so, would there be a conflict if an event occurs in which > > we post a status update on their behalf without the delegation in the > > header? Or is it a one-time use thing? > > > - Once the user visits our site and logs into Twitter using oAuth, > > we'll store those tokens. Is it best practice to use those whenever > > the same user shares a media file through an external app or should > > the delegated tokens always be used? > > > - Finally, while Twitter may be depreciating basic auth and everyone > > (if they haven't already) will be using oAuth, is there a plan for > > users who use 3rd party Twitter apps for mobile devices that HAVE NOT > > upgraded to the latest version yet? Although xAuth is geared towards > > desktop and mobile apps, there may be quite a few users who have not > > upgraded their app trying to either use it or share media with it > > through sites like ours. > > > - > > > I did notice that on this pagehttp://apiwiki.twitter.com/Authentication, > > its confusing as to whether or not basic auth will be completely > > depreciated. If it will be, someone should update it as its > > misleading. > > > Thanks in advance! > > > Best, > > Y.