Twitter cracks down on third-party clients, tightens use of interface

Twitter is cracking down on third-party clients, as it issued new, stricter rules for the use of its application programming interface (API).

 

In a blog post, Twitter's Michael Sippey said version 1.1 of the Twitter API will require authentication at every API endpoint, and will feature rate limiting.

 

"For example, there are many applications that are pulling data from the Twitter API at very high rates (scraping, bots, etc.) where we only know the IP address of the applications. To prevent malicious use of the Twitter API and gain an understanding of what types of applications are accessing the API in order to evolve it to meet the needs of developers, it's important to have visibility into the activity on the Twitter API and the applications using the platform," he said.

 

He also said version 1.1 will provide per-endpoint rate limiting on the API.

 

"While an application that only accesses one endpoint may be more restricted, applications that use multiple endpoints will run into rate limiting issues less frequently," he said.

 

He noted that in version 1.0 of the Twitter API, a limit of 350 calls per hour was imposed on authenticated requests applications, regradless of the type of information the app requested.

 

Sippey said such a "one size fits all" approach had limited Twitter's ability to provide developers more access to endpoints frequently requested by applications, while continuing to prevent abuse of Twitter's resources.

 

From guidelines to requirements

 

Sippey also said Twitter will require developers of desktop and mobile apps to ensure a consistent experience for users wherever they see and interact with tweets.

 

The requirements include: linking @usernames to the appropriate Twitter profile, displaying appropriate Tweet actions (e.g. Retweet, reply and favorite) and scaling display of Tweets appropriately based on the device.

 

If an app displays Tweets to users, but does not adhere to the Display Requirements, Sippey said, "we reserve the right to revoke your application key."

 

"We will require all applications that display Tweets to adhere to these," he said.

 

Certification requirement

 

Pre-installed client applications on mobile handsets and SIM cards and other consumer electronics devices will have to be certified by Twitter, Sippey said.

 

"If you ship an application pre-installed without it being certified by Twitter, we reserve the right to revoke your application key," he said.

 

Working directly with Twitter

 

Sippey said developers who need a large number of user tokens will be required "to work with us directly."

 

"One of the key things we've learned over the past few years is that when developers begin to demand an increasingly high volume of API calls, we can guide them toward areas of value for users and their businesses. To that end, and similar to some other companies, we will require you to work with us directly if you believe your application will need more than one million individual user tokens," he said.

 

On the other hand, he said developers building client apps that access the home timeline, account settings or direct messages API endpoints or use Twitter's User Streams product will need Twitter's permission if the app will require more than 100,000 individual user tokens.

 

"We will not be shutting down client applications that use those endpoints and are currently over those token limits. If your application already has more than 100,000 individual user tokens, you'll be able to maintain and add new users to your application until you reach 200% of your current user token count (as of today) — as long as you comply with our Rules of the Road," he said.

 

But once developers reach 200% of their current user token count, they can still maintain your application to serve their users but will not be able to add additional users without Twitter's permission.

 

Squeezing third-party clients

 

Tech site Mashable quoted Paul Haddard of Tapbots, the company behind the popular iOS client Tweetbot, as saying he would prefer not having any cap, though the current cap "is pretty huge and we aren’t going anywhere."

 

He also added that Tweetbot for Mac is “still on track” and that the beta will be out soon.

 

"Going forward, Twitter is explicitly telling developers not to focus on the upper right-hand quadrant — traditional Twitter clients and syndication — and is instead urging developers to focus on other quadrants for their apps and services," Mashable said.

 

It added the early response from some of the major Twitter client developers is one of "uneasy calm." — ELR, GMA News