sorry - let me try to clarify, and if this is not clear on,
please let us know so we can update the docs.

"native" applications (desktop and mobile) can have permanent access to
xAuth.  web applications cannot.  web applications can be granted temporary
(approximately 7 days) access so that you can "bulk convert" your users from
basic auth over to oauth.

does that help?

On Sun, May 9, 2010 at 4:51 PM, John Meyer <> wrote:

> On 5/9/2010 9:36 AM, Cameron Kaiser wrote:
>>   From what I've heard, xAuth is supposed to be temporary.  Is TweetDeck
>>> just wording this wrong, or have they gained permanent access to xAuth?
>> Actually, I am under the impression, and constructed TTYtter under this
>> assumption, that desktop apps can have xAuth access on a longer term
>> basis.
>> Only web apps have time limits. See the notes on the (now obsoleted)
>> xAuth apiwiki:
> The conversation I had on here with Raffi seemed to suggest xAuth was
> temporary in nature.

Raffi Krikorian
Twitter Platform Team

Reply via email to