Hi Matt, We missed the bit about having to use oauth/authorize and were going through oauth/authenticate. Via oauth/authorize it's working properly.
Aaron On Jun 23, 6:57 pm, Matt Harris <thematthar...@twitter.com> wrote: > Hi Aaron, > > I have't been able to reproduce this issue so could you email me details of > the app and captures of the requests and responses. Then I can investigate > further. > > Thanks, > @themattharris <https://twitter.com/intent/follow?screen_name=themattharris> > Developer Advocate, Twitter > > On Wed, Jun 22, 2011 at 12:57 PM, Aaron Rankin > <aran...@sproutsocial.com>wrote: > > > > > > > > > Hi Matt / Twitter, > > > We're not seeing the Direct Message permission setting ever take > > effect. In our application profile, it says that we're set to request > > read, write and DM, and we've saved this several times successfully. > > However, both the X-Access-Level header and the oauth/authorize page > > list that we don't have DM access (and for the former, on accounts for > > which we've re-authorized). > > > Aaron > > > On Jun 13, 7:56 pm, Matt Harris <thematthar...@twitter.com> wrote: > > > Hey everyone, > > > > A number of updates were made to the Direct Message methods and OAuth > > > screens at the end of last week. Here's what went out: > > > > * force_login is now supported onhttps://api.twitter.com/oauth/authorize > > > * the OAuth screens now support a feature phone tier of handsets and > > render > > > them in a simpler format > > > * the language on all the screens is standardized to say "direct message" > > > * there is a "Return to App" URL on the Deny and Cancel screens that > > > redirects the user to the oauth_callback url with a 'denied' parameter > > > instead of oauth_token. > > > > This next parameter isn't needed by everybody but we will be adding > > > screen_name support to the authorize and authenticate pages in the next > > few > > > days. If you want to add this to your code ready for when we release the > > > feature you can, but please know the screen_name parameter will be > > ignored > > > unless you also provide the force_login parameter. The screen_name > > parameter > > > pre-fills the username field of the OAuth screen when force_login is > > true. > > > The user is still able to edit the field, even if it is prefilled. > > > > Lastly, these are the main points discussed in previous emails and > > Tweets: > > > * The new permission level will be enforced on 30th June. > > > * If you don't need to read or delete direct messages you do not need to > > > update the permission level of your application. > > > * Read/Write applications will still be able to send direct messages, > > even > > > after the enforcement date. > > > * Existing oauth_tokens will not be invalidated, even if the application > > > permission level is altered. > > > * You can find out the current permission level of an oauth_token by > > > inspecting the headers of an authenticated request to the API. Look for > > > the X-Access-Level header. > > > > Best, > > > @themattharris < > >https://twitter.com/intent/follow?screen_name=themattharris> > > > Developer Advocate, Twitter > > > -- > > Twitter developer documentation and resources:https://dev.twitter.com/doc > > API updates via Twitter:https://twitter.com/twitterapi > > Issues/Enhancements Tracker: > >https://code.google.com/p/twitter-api/issues/list > > Change your membership to this group: > >https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk