Reputation: 9675
Twitter API: Separate read and read/write tokens
On my site users should be able to authenticate using their twitter account. Another optional feature is, that users should be able to have tweets sent in their name on certain events. For this I've setup the twitter application to be read & write.
My problem now is, when a user is using twitter to authenticate, then he is automatically also granting read/write permissions. But I'd like to leave it up to the user to decide at a later stage if he trusts me enough, to grant me this permission..
I can't find any setting/parameter in the api which would allow this split. The only solution I can currently see, is splitting the twitter app into two: One read-only app for authentication and one read-write app for tweeting etc.
Upvotes: 2
Views: 576
Answers (1)
Reputation: 47833
Send users to https://api.twitter.com/oauth/authorize?oauth_token=xyz and add a parameter of oauth_access_type with a value of read. That should restrict that particular user to read only permissions.
https://groups.google.com/forum/#!topic/twitter-development-talk/1P765h9ecBk
Upvotes: 2
Related Questions
- how to Generate Twitter API access token and secret with read/write permission
- Login with twitter api
- Twitter API request_token
- Oauth Consumer key/secret vs access_token/access_secret
- How to use oauth access token for twitter public stream
- Using twitter to get bearer token
- Using Twitter Access Tokens interchangeably (ie. use 1 user's token for another user)?
- Twitter API - saving OAuth token in session
- Storing Twitter access token using Twitterizer
- One access token for OAuth using Twitter API