Does the token ever expire? Eric
On Aug 11, 9:38 am, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > One implementation option you have is to build only the portions of OAuth > that you need to meet your goals. On dev.twitter.com we provide a feature > that allows you to retrieve the access token for your own account, owning > the application. You would then hard code this access token and your API > keys within your device (with best effort security). > > The migration from basic auth isn't an issue of protecting from > man-in-the-middle attacks (such that SSL would prevent) but more of an issue > with applications having access to Twitter usernames and passwords. There > are many people who use the same passwords across multiple sites, so the > security risk of supporting basic auth does not stop at Twitter. > > TaylorOn Wed, Aug 11, 2010 at 9:30 AM, ERenken <eren...@gmail.com> wrote: > > So how can I use OAuth on a hardware device we are creating that > > doesn't have a UI? Can I share the key between all the devices? This > > is only twittering to 1 account that we have created. Seems like > > OAuth is going to make stuff like this harder for people to develope. > > Seems like it would have just bee easier for security if you would > > have added HTTPS and left basic auth. At least for embedded devices > > so they could send tweets.