[wp-hackers] Twitter API and Authentication

Matt Harris themattharris at twitter.com
Mon May 10 23:20:49 UTC 2010

Hey Hackers,

Some of you may already know me through WordCamps, Barcamps and various
conferences but for those of you who don't, my name is Matt Harris and I've
just joined Twitter as a Developer Advocate.

I'm emailing this list to reach those of you who either write plugins that
use Twitter, or develop websites for which a Twitter widget is used.

On the 30th June the Twitter REST API will stop supporting Basic
Authentication and instead switch to OAuth. This means
* all user authenticated requests to the API must be OAuth signed,
preferably using OAuth headers.
* calls not requiring authentication should ensure they do not send auth
headers of any kind as doing so will return an error
* basic auth will cease to function on the REST API
* the streaming API will still support basic auth but this is likely to
change later in the year
* the search API does not require auth so is not part of this project
* the public RSS/ATOM feeds do not require auth so are not part of this

So, if you have WordPress sites that publish to Twitter please check they
are using OAuth and not Basic Authentication.
If you are a plugin developer, please update your plugin to use OAuth and
remove and Basic Authentication code.
If you're plugin just consumes RSS/Atom feeds from Twitter you will be
unaffected by this change.

Information about OAuth and community code libraries can be found on
http://dev.twitter.com or, if you have any questions please ask in the Twitter
development talk Google group:
talk <http://groups.google.com/group/twitter-development-talk>. You can also
find me on Twitter as @themattharris or at various events including Google
IO later this month.

Matt Harris
Developer Advocate, Twitter

More information about the wp-hackers mailing list