I should add you must not use your credentials to display tweets from protected accounts that your account has access to.
On 3 Nov, 23:21, "Ken D." <k...@cimas.ch> wrote: > If you own a private list and want to share the content, you just use > your own credentials (My Access Token) to fetch it. Real-time or > cached, whatever works for you. There is no 'logged in' - each API > call is authenticated. How could a user break into your account? A > single web page can display content retrieved from different accounts > - yours and the user's, for example. > > On 3 Nov, 18:46, Adam Nason <apna...@gmail.com> wrote: > > > Twitter limits each user account to 20 lists. I have three accounts > > with different purposes but need the 60 lists across these three > > accounts to be displayed on one page on my website. Each list link > > needs to be clickable to the status updates from that list (in that > > same page likely using ajax). They are private lists (created for > > viewing only in the app) and I would like to keep them that way though > > I will take them public if absolutely necessary. > > > I'm just the content manager asking this on behalf of the developer so > > I know little about oAuth but this is how it has been explained to me: > > "When you request an access token you send Twitter a current timestamp > > and that timestamp is used to make a signature_basestring. With that > > signature, you sign every request you send to Twitter. It's a bit > > tricky not to enter login/pass manually when Twitter asks you to do > > that." And then there is my concern about the security of my accounts > > if they are "logged into" on a public, live webpage (warranted/ > > unwarranted? not sure). > > > The developer mentioned that even if we take the lists public, we > > would still need to use oauth/logins to retrieve status updates from > > the lists. What he proposed is doing the oauth/logins process behind > > the scenes periodically during the day (based on cron.php timer) and > > displaying cached messages to users of the app. My preference is to > > display in real-time assuming that I can get the other two accounts > > whitelisted. Only one of the accounts is whitelisted for 20,000 > > requests (per hour?). > > > So the advice I'm seeking is a bit open-ended as to how proceed from > > here. Private/public lists? Display real-time vs display cached > > version? Security concerns? The developer is still pretty new to the > > API so we're hoping someone can toss us a bone here. Thanks! -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk