Skip to main content

Sneak peek at Twitter's browserless OAuth credentials exchange method

Over the past couple of months the Twitter API Google Group has been overflowing with more and more disgruntled developers complaining about lack of bug fixes, slow rollout of promised features, no mobile interface for OAuth, etc. (The list goes on and on) Well I'm happy to say Twitter appears to be almost done with one much requested feature: browserless OAuth credentials exchange. It was hinted that Seesmic Look was using said exchange so today I took a peek at how Look worked behind the scenes.

To start off Look is using the standard oauth/access_token endpoint on the new subdomain.

In addition to the standard POST headers, Look adds several values that include a username and password for the specific user.

The return value is an access_token as expected plus x_auth_expires whose meaning I can only guess at.

I didn't bother to try the exchange with my own consumer key but I would assume access is limited to specific partners for now.

As excited as I am for using browserless OAuth I'm afraid developers with be lazy and implement the credential exchange instead of the full OAuth flow even in environments well suited to jumping from application to browser.

What do you think of the credentials exchange method?

UPDATE: TweetDeck is also using the new OAuth method.
UPDATE2: The xAuth documentation is live.

Popular posts from this blog

Sync is currently experiencing problems

Update: I now recommend you install Google Chrome and disable the built in Browser as it supports encrypting all synced data.

After picking up a gorgeous Galaxy Nexus yesterday I was running into an issue where my browser data wasn't syncing to the phone. After a little Googling I found this is commonly caused by having all of my synced Chrome data encrypted instead of the default of only encrypting the passwords. These are the steps I went through to get my dat syncing again without losing any of it. The exact error I was getting was "Sync is currently experiencing problems. It will be back shortly."

In Google Chrome open the personal stuff settings page by clicking this link or by opening the wrench menu, and click on "signed in with".  Hit "disconnect your Google Account" to temporarily disable syncing from your browser.

Visit the Google Dashboard and "Stop sync and delete data from Google". I waited until the stored dat…

Little known @Twitter and @TwitterAPI tips and tricks

Be sure to comeback as new tips and tricks get added. If you know of anything I missed be sure to let me know.

Static URL for profile images based on screen_name:

* This performs a http redirect to the actual profile image URL. Currently https redirects to http. You can also add "?size={mini | bigger | normal}" to get specific sizes.

Redirect to profile based on user_id:

In_reply_to_status_id mentions:

* In the web interface new mentions are only replies if they start with @screen_name. By pushing @screen_name further along in the string your followers who do not follow @screen_name will still see the status.

Profile image sizes:

* By default you get the original image size you can add _mini, _normal, and …

Can you activate a Moto G on Sprint?

Question: Can you activate a Moto G (3rd gen) on Sprint?
Answer: No.

TLDR: Don't use Sprint.

Having the unfortunateness of accidentally dropping and mostly obliterating a perfectly functional Nexus 5, my housemate was in need of a replacement ASAP. With solid specs and an amazing price tag (a mere $220) a Moto G (3rd gen) was high on my list of replacements. Considering the 2015 Nexus devices hadn't even been announced yet, it was pretty much the only option in that size range.

Moto was quick to ship and we skipped off to the Sprint store Moto G in hand to get it added to the existing service plan. I mean really, how hard could adding a phone be? Sadly it was all downhill from there...

Walking into Sprint there were a couple of people being helped or waiting to be helped but overly not very busy. Initially the service rep thought we wanted to transfer photos, data, etc from one device to another and said she could help us. After describing several times that we simply wanted the pl…