1. Angus Fox
Deputy Secretary, Social Developers London
Director, Multizone Limited
Twitter: @nuxnix
This talk draws on information
from dev.twitter.com but is in
no way endorsed by Twitter
Corporation #justsaying
8. WHAT’S NEW
Requires authentication on
every API endpoint
Has a new per-endpoint
rate-limiting methodology
Changes to the Developer
Rules of the Road,
especially around
applications that are
traditional Twitter clients
Source: https://dev.twitter.com/sites/all/themes/twitter_commons/images/circles-bird.png
9. Secure
Passwords not shared with 3rd party
applications, increasing account security
Standard
Lots of libraries and example code compatible
with Twitter's OAuth implementation.
Application-user authentication
This is the most common form of resource
authentication in Twitter's OAuth 1.0A
implementation to date.
Your signed request both identifies your
application's identity in addition to the
identity accompanying granted permissions of
the end-user you're making API calls on behalf
of, represented by the user's access token
Application authentication
This form of authentication is announced but
not yet supported. Stay tuned.
Note: Can’t easily move to 2.0 due to tokens not
expiring being Twitter common practice and
other issues
Source: http://en.wikipedia.org/wiki/OAuth
10. Authentication is required so that twitter can
know exactly who is pulling data to:
prevent malicious use of the Twitter API
gain an understanding of what types of
applications are accessing the API
to evolve it to meet the needs of developers
Note: Perhaps to provide more granular developer
billing opportunities for Twitter?
11. For developers who are already using OAuth
when making API requests, all of your
authentication tokens will transition
seamlessly from v1.0 to v1.1.
If your application is currently using the
Twitter API without using OAuth, you will
need to update your application, it may
already be broken.
Key Deadline: March 2013.
12.
13. 1.0 API limited requests to 350 calls per
hour, regardless of the type of information
Per-endpoint rate limiting allows developers more
access to endpoints that are frequently requested
by applications, while continuing to prevent abuse
of Twitter's resources
14. Applications for one endpoint more restricted
Applications that use multiple endpoints will
run into rate limiting issues less frequently
Most individual API endpoints will be rate
limited at 60 calls per hour per-endpoint
High-volume endpoints related to Tweet
display, profile display, user lookup and user
search will be able to make up to 720 calls per
hour per endpoint
15.
16. Display Guidelines will become Display
Requirements
Pre-installed client applications must be
certified by Twitter
Developers must engage with Twitter directly
for a large amount of user tokens
And lots more ‘rules’…
17. MANDATORY NOT OPTIONAL MOBILE TWEET
All applications that display
Tweets must
link @usernames to the
appropriate Twitter profile
display appropriate Tweet
actions
scale display of Tweets
appropriately based on the
device.
If your application displays
Tweets to users, and it doesn't
adhere to Display
Requirements, Twitter reserve
the right to revoke your
application key.
18. Restrictions on how tweets are displayed, particularly those banning tweets
appearing in a stream with updates from other services, appear broad enough to
require substantial changes to a wide range of apps. Note Twitters own apps are not
best practice here.
Source http://www.techrepublic.com/blog/cio-insights/twitter-api-changes-why-its-time-for-developers-to-adapt/39749448
19. HTTP 404 ON TIMELINE FEEDS? NO MORE RSS IN API 1.1
In March of 2012 Twitter “Please note that there is no
announced retirement of support for the RSS response
"unversioned endpoints,” format in API v1.1.”
GET statuses/public_timeline
v1 REST ATOM response
format
Note: These changes reflect
changes to display requirements
In early October
and authentication
2012, Twitter turned off
requirements – RSS feeds no
these endpoints. longer allowed as they cannot
enforce display requirements
20. 1.1 Api clients pre-installed
on mobile handsets, SIM
cards, chipsets or other
consumer electronics
devices.
Long lead time required to
update pre-installed client BB6/7 WP7/8
applications
Twitter want to make sure that
the best Twitter experience
possible is provided before the
application ships.
If you ship an application pre-
installed without it being
certified by Twitter, they
reserve the right to revoke your
application key. iOS5/6 Android 2-4
21. “Additionally, if you are building a Twitter client
application that is accessing the home timeline,
account settings or direct messages API
endpoints (typically used by traditional client
applications) or are using our User Streams
product, you will need our permission if your
application will require more than 100,000
individual user tokens”
22. Don’t add or remove functionality from Tweets, change Tweet actions to other
verbs, etc.
Twitter clients have a ceiling of 100,000 users,
among other restrictions.
TOS changes to ‘traditional clients’
Never surprise users.
tweets for a user, or actions like unfollow should be user initiated
Don’t resyndicate data.
don’t take twitter data and expose it via an API, or post it to other cloud services.
Avoid spammy automation.
Be sure to thoroughly read Automation Rules.
Respect a user’s privacy and sharing settings.
Don’t facilitate or encourage the publishing of private or confidential information.
Don’t try to circumvent rate limits.
Make sure there is a clear separation and distinction between advertisements
and Twitter content.
Register one API key for your application.
Don’t use a single API key for multiple use cases
Don’t register multiple keys for the same use case.
23.
24. Why is Tweetbot
for Mac $20?
“Because of Twitter’s recent enforcement of token
limits, we only have a limited number of tokens
available for Tweetbot for Mac. These tokens
dictate how many users Tweetbot for Mac can
have. The app’s limit is separate from, but much
smaller than, the limit for Tweetbot for iOS. Once
we use up the tokens granted to us by Twitter, we
will no longer be able to sell the app to new users.
Tapbots will continue to support Tweetbot for Mac
for existing customers at that time.”
25. “Exporting Twitter Content IFTTT CEO Linden Tibbets:
• In recent weeks, Twitter announced policy
to a datastore as a service changes that will affect how applications and
or other cloud based users like yourself can interact with Twitter’s
data. As a result of these changes, Recipes
service, however, is not using Twitter Actions and your ability to post
new tweets via IFTTT will continue to work
permitted.” just fine.
All Twitter Triggers, disabled
No ability to push tweets to
places like email, Evernote
Matthew Panzarino, TNW
and Facebook
• At this point, any third party developer using
All Personal and Shared Twitter’s platform for their product should
Recipes using a Twitter probably take a very hard look at the
capabilities of their apps. If there’s any
Trigger will also be removed. chance that they might overlap with Twitter’s
desire to be the only way that people read
tweets…it might be time to get out.
http://tnw.to/d0Axs via @thenextweb
26. More or less a reaction to the
changes in Twitter
philosophy, developer rules and
terms of service
We are selling our product, NOT
our users
You own your content
Our financial incentives are aligned
with members and developers
App.net employees spend 100% of
their time improving our services
for you, not advertisers
We are operating a
sustainable, predictable business
We respect and value our
developer community
Our most valuable asset is your
trust
27.
28. Twitter’s restrictions on how developers’ access its platform are
inevitable but don’t mean the demise of third party apps and
services
Some rework may be required because of Twitter’s intentions
Design apps to operate in order not to violate Twitter’s policies
Some of Twitter’s changes could be perceived as an attempt to
drive traffic from third party services to Twitter’s own website and
apps, driving sponsored content
“developers should not build client apps that mimic or reproduce
the mainstream Twitter consumer client experience” - Twitter CEO
Dick Costolo
Twitter is mainstream now. It’s a totally different animal to what it
was three years ago
Some of the developers who are more independent minded
perhaps hanker after a return to that, but it’s not coming back