The other kind of OAuth is called "two-legged OAuth," where the only identifying party is the application itself. There may be a future where some resources are available via two-legged OAuth but we haven't decided anything for sure yet.
Taylor On Tue, Aug 10, 2010 at 5:30 AM, Brian Medendorp <brian.medend...@gmail.com>wrote: > I had to do the same thing for something I am working on, it's not > very ideal, but it seems to be the only way to get the job done. > > There is supposed to be a second type of OAuth that allows that sort > of one-way communication (basically the same thing but without the > user's tokens), but it seems that no one has implemented that (and I > can't remember the name they gave it). > > On Aug 9, 10:39 pm, "russ.au" <russell.say...@gmail.com> wrote: > > Hi all, > > > > Let's say I'm writing a read only app - you come to my website enter > > someones twitter name, and I give you some statistics about them. I > > can get all the stats I need by making anon calls to the REST api from > > my webserver. > > > > The API docs say "Anonymous calls are based on the IP of the host and > > are permitted 150 requests per hour", where as "OAuth calls are > > permitted 350 requests per hour". > > > > If my app gets popular enough I'd like to make as many calls as I > > can. What is the protocol here? Should I create a twitter account > > just for my app, take this account through the OAuth process, and use > > this account's "access token" for all my requests? > > > > Thanks, > > Russ >