TheGuru, I set my app to RWPM permission at dev.twitter.com/apps and now it displays as such on the OAuth login page and on twitter.com/settings/ applications.
On May 19, 2:04 pm, TheGuru <[email protected]> wrote: > That is to be expected regarding the 401. > > However, while I see the changes on the application page of a > particular account, the OAuth login screen at Twitter for my > application still states: > > This application will not be able to: > > Access your private messages. > See your Twitter password. > > Did you make any other changes other than upading the privilege level > for your application at dev.twitter.com? > > On May 19, 12:49 pm, Mark Pavlidis <[email protected]> wrote: > > > > > Yes i've seen the changes on my applications page and on the OAuth > > login page. Further, my other device that was logged in using the old > > Read,Write token was getting Unauthorized (401) responses as that > > token was revoked an replaced with the Read, Write, Private message > > token. Should be handled appropriately if you are a dev with an app > > on multiple platforms. > > > Mark > > > On May 19, 9:42 am, TheGuru <[email protected]> wrote: > > > > +1. I'm seeing the same thing and not sure if it is a waiting game or > > > something that needs adjusted in the flow from the client side as > > > well. > > > > Any insight is appreciated. > > > > Has anyone who adjusted their app permissions on dev.twitter.com seen > > > this reflected on the OAuth login page at Twitter? > > > > On May 19, 2:02 am, Adriaan Pelzer <[email protected]> wrote: > > > > > Hi Matt, > > > > > I have started implementing these changes. The app's permissions > > > > setting is > > > > set to "Read, Write & DM" (the new one). > > > > > However, when the user gets redirected to the auth page, it still > > > > indicates > > > > that the app will not be able to read or send DM's. Is this something > > > > that > > > > will automatically happen when you activate it, or is there a > > > > permissions > > > > parameter I should send to the auth page? > > > > > Adriaan Pelzer > > > > > //))//\\//\\||// > > > > //\\//7//7///\\ > > > > > putting you in touch with your crowdshttp://www.wewillraakyou.com > > > > <http://www.wewillraakyou.com>twitter:http://www.twitter.com/adriaan_pelzer > > > > linkedIn:http://uk.linkedin.com/pub/adriaan-pelzer/4/874/860/ > > > > skype: adriaan_pelzer > > > > <http://uk.linkedin.com/pub/adriaan-pelzer/4/874/860/> > > > > +4478 7978 1743 > > > > > On Wed, May 18, 2011 at 6:01 PM, Matt Harris > > > > <[email protected]>wrote: > > > > > > Hey everyone, > > > > > > We recently updated our OAuth screens to give users greater > > > > > transparency > > > > > about the level of access applications have to their accounts. The > > > > > valuable > > > > > feedback Twitter users and developers have given us played a large > > > > > part in > > > > > that redesign and helped us identify where we can do more. > > > > > > In particular, users and developers have requested greater > > > > > granularity for > > > > > permission levels. > > > > > > In response to this feedback, we have created a new permission level > > > > > for > > > > > applications called “Read, Write & Direct Messages”. This permission > > > > > will > > > > > allow an application to read or delete a user's direct messages. When > > > > > we > > > > > enforce this permission, applications without a “Read, Write & Direct > > > > > Messages” token will be unable to read or delete direct messages. To > > > > > ensure > > > > > users know that an application is receiving access to their direct > > > > > messages, > > > > > we are also restricting this permission to the OAuth /authorize web > > > > > flow > > > > > only. This means applications which use xAuth and want to access > > > > > direct > > > > > messages must send a user through the full OAuth flow. > > > > > > What does this mean for your application? > > > > > If you do not need access to direct messages: you won’t need to make > > > > > any > > > > > changes to your application. When we enforce the new permission level > > > > > your > > > > > read or read/write token will automatically lose access to direct > > > > > messages. > > > > > > If you do need access to direct messages: you will need to edit your > > > > > application record onhttps://dev.twitter.com/appsandchangethe > > > > > permission level of your application to “Read, Write and Direct > > > > > Messages”. > > > > > The new permission will not affect existing tokens which means > > > > > existing > > > > > users or your app or service will need to reauthorize. > > > > > > We know this will take some time so we are allowing a transition > > > > > period > > > > > until the end of this month. During this time there will be no change > > > > > to the > > > > > access Read/Write tokens have to a users account. However, at the end > > > > > of the > > > > > month any tokens which have not been upgrade to “Read, Write and > > > > > Direct > > > > > Messages” will be unable to access and delete direct messages. > > > > > > Affected APIs and requests > > > > > On the REST API, Read and Read/Write applications will no longer be > > > > > able to > > > > > use these API methods: > > > > > /1/direct_messages.{format} > > > > > /1/direct_messages/sent.{format} > > > > > /1/direct_messages/show.{format} > > > > > /1/direct_messages/destroy.{format} > > > > > > For the Streaming API, both User Streams and Site Streams will only > > > > > receive > > > > > direct messages if the user has authorised an application to access > > > > > direct > > > > > messages. > > > > > > Applications that use “Sign-in with Twitter” or xAuth will only be > > > > > able to > > > > > receive Read or Read/Write tokens. > > > > > > What this means is only applications which direct a user through the > > > > > OAuth > > > > > web flow will be able to receive access tokens that allow access to > > > > > direct > > > > > messages. Any other method of authorization, including xAuth, will > > > > > only be > > > > > able to receive Read/Write tokens. > > > > > > What will happen when the permission is activated > > > > > When we activate the new permission, all Read and Read/Write > > > > > user_tokens > > > > > issued to third-party applications will lose their ability to read > > > > > direct > > > > > messages. Any attempt to read direct messages will result in an HTTP > > > > > 403 > > > > > error being returned. > > > > > > For example, a GET request to > > > > >https://api.twitter.com/1/direct_messages/sent.jsonwillreturnanHTTP > > > > > 403 Forbidden with the response body: > > > > > > {"errors":[{"code":93,"message":"This application is not allowed to > > > > > access > > > > > or delete your direct messages"}]} > > > > > > Key Points > > > > > * If you wish to access a user’s direct messages you will need to > > > > > update > > > > > your application and reauthorize existing tokens. > > > > > * The only way to get direct message access is to request access > > > > > through > > > > > the OAuth /authorize web flow. You will not be permitted to access > > > > > direct > > > > > messages if you use xAuth. > > > > > * When we enforce the permission Read/Write and Read tokens will be > > > > > unable > > > > > to access and delete direct messages. > > > > > * Read/Write tokens will be able to send direct messages after the > > > > > permission is enforced. > > > > > > We’ll be collating responses and adding more information on our > > > > > developer > > > > > resources permission model page: > > > > >https://dev.twitter.com/pages/application-permission-model > > > > > > We have also blogged about this on the Twitter blog: > > > > >http://blog.twitter.com/2011/05/mission-permission.html > > > > > > Best, > > > > > @themattharris > > > > > > -- > > > > > Twitter developer documentation and > > > > > resources:https://dev.twitter.com/doc > > > > > API updates via Twitter:https://twitter.com/twitterapi > > > > > Issues/Enhancements Tracker: > > > > >https://code.google.com/p/twitter-api/issues/list > > > > > Change your membership to this group: > > > > >https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk
