The other kind of OAuth is called "two-legged OAuth," where the only
identifying party is the application itself. There may be a future where
some resources are available via two-legged OAuth but we haven't decided
anything for sure yet.

Taylor

On Tue, Aug 10, 2010 at 5:30 AM, Brian Medendorp
<brian.medend...@gmail.com>wrote:

> I had to do the same thing for something I am working on, it's not
> very ideal, but it seems to be the only way to get the job done.
>
> There is supposed to be a second type of OAuth that allows that sort
> of one-way communication (basically the same thing but without the
> user's tokens), but it seems that no one has implemented that (and I
> can't remember the name they gave it).
>
> On Aug 9, 10:39 pm, "russ.au" <russell.say...@gmail.com> wrote:
> > Hi all,
> >
> > Let's say I'm writing a read only app - you come to my website enter
> > someones twitter name, and I give you some statistics about them.  I
> > can get all the stats I need by making anon calls to the REST api from
> > my webserver.
> >
> > The API docs say "Anonymous calls are based on the IP of the host and
> > are permitted 150 requests per hour", where as "OAuth calls are
> > permitted 350 requests per hour".
> >
> > If my app gets popular enough I'd like to make as many calls as I
> > can.  What is the protocol here?  Should I create a twitter account
> > just for my app, take this account through the OAuth process, and use
> > this account's "access token" for all my requests?
> >
> > Thanks,
> > Russ
>

Reply via email to