I'm seeing a number of users, and it is a minority but still, getting
403 errors

Some if these users haven't even auth'd before I changed the app
permissions.

I know it's not a global app issue as the vast majority of my users
can still access dms, including me

On Jun 30, 8:27 pm, Chris Teso <christ...@gmail.com> wrote:
> Arnaud & Taylor,
>
> Thanks for the response. I must say that I'm confused as to why the
> decision was made to block ones own app from reading their own DMs?
> Can you elaborate on the logic behind this decision?
>
> It seems logical that I would not have to re-authorize my own app
> tokens to view my own DMs. Further, I do not want to change my apps
> permission levels to do so. This effects ALL of our customers solely
> so I can read my own apps DMs! If I follow Taylors suggested new token
> request, can I then revert my apps permissions and still access my
> apps own dms? ie: I DEFINITELY do not want to keep my app permissions
> set to R/W/DM when I don't need to access any customer DM data.
>
> Thanks,
> Chris
>
> On Jun 30, 12:17 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> wrote:
>
>
>
> > Additionally, newly generated tokens with the  "My Access Token" feature on
> > dev.twitter.com will now return an access token at the same level of access
> > your application requests.
>
> > If you used "My Access Token" to generate your token in the past, you'll
> > want to first go tohttp://twitter.com/settings/applicationstorevoke your
> > access token's permissions and then go back to dev.twitter.com's My Access
> > Token feature to re-negotiate an upgraded token.
>
> > Any token that transitions from one state to another will have the string
> > representation of the access token and secret changed: If a token goes from
> > RO to RW, the strings will change. If a token goes from RW to RWD, the
> > strings will change. If a user revokes a token and you then renegotiate the
> > token, even if the permission level didn't change, the strings will change.
>
> > Thanks,
> > @episod <http://twitter.com/intent/user?screen_name=episod> - Taylor
> > Singletary
>
> > On Thu, Jun 30, 2011 at 12:11 PM, Arnaud Meunier <arn...@twitter.com> wrote:
> > > Hey Chris,
>
> > > The new permission model applies to all access tokens, including the
> > > application owner's one. You have to reauthorize your existing 
> > > access_token
> > > through the OAuth Flow, just like any other user.
>
> > > Arnaud / @rno <http://twitter.com/rno>
>
> > > On Thu, Jun 30, 2011 at 11:56 AM, Chris Teso <christ...@gmail.com> wrote:
>
> > >> I assumed that the new permissions would not apply to an app reading
> > >> it's own DMs. ie: When authenticating with an apps own token and
> > >> secret /1/direct_messages.{format} should not enforce the R/W/DM
> > >> policy.
>
> > >> Appears this is not the case?
>
> > >> On Jun 30, 11:39 am, Arnaud Meunier <arn...@twitter.com> wrote:
> > >> > Hey Developers,
>
> > >> > As planned, the new three-tier permission model is now officially in
> > >> effect.
> > >> > Please remember that you don't have to make any changes if your
> > >> application
> > >> > or service doesn't need to read or delete Direct Messages.
>
> > >> > Key points:
> > >> > - Existing oauth_tokens have not (and will not) be invalidated, even if
> > >> you
> > >> > update your application permission level.
> > >> > - Read/Write and Read tokens are now unable to read and delete Direct
> > >> > Messages. If you wish to read or delete a user's Direct Messages, you
> > >> need
> > >> > to update your application and have your existing access tokens
> > >> reauthorized
> > >> > through the OAuth authorize web flow.
> > >> > - All authenticated API requests return an "X-Access-Level" header, so
> > >> you
> > >> > can find out the current permission level of the access token you're
> > >> using
> > >> > (read, read-write, or read-write-directmessages).
>
> > >> > For more information, be sure to take a look on:
> > >> > - The Application Permission Model documentation page:
> > >>http://t.co/elH0KY4
> > >> > - The Application Permission Model FAQ:http://t.co/1Wliqg4
>
> > >> > Thanks again for working with us on this new permission level,
> > >> > Arnaud / @rno
>
> > >> --
> > >> Twitter developer documentation and resources:
> > >>https://dev.twitter.com/doc
> > >> API updates via Twitter:https://twitter.com/twitterapi
> > >> Issues/Enhancements Tracker:
> > >>https://code.google.com/p/twitter-api/issues/list
> > >> Change your membership to this group:
> > >>https://groups.google.com/forum/#!forum/twitter-development-talk
>
> > >  --
> > > Twitter developer documentation and resources:https://dev.twitter.com/doc
> > > API updates via Twitter:https://twitter.com/twitterapi
> > > Issues/Enhancements Tracker:
> > >https://code.google.com/p/twitter-api/issues/list
> > > Change your membership to this group:
> > >https://groups.google.com/forum/#!forum/twitter-development-talk

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Reply via email to