John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations. While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Google Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2.0 Playground is fantastic. Bad: When requesting an Access Token the request will fail if you include any parameters that it is not expecting. Bad: The scopes options are not immediately obvious.
Facebook Bad: If you just want to use OAuth with the Graph API, you still need to enable “Website with Facebook Login” in order to set the Site URL. 37signals Stripe Instagram Box. The NewsBlur API. Bitly Launches Social Data APIs For Real-Time Seach, Attention Spikes, And Deeper Looks At URLs. Bitly has launched a set of social APIs that includes real-time search, attention spikes and metadata about URLs.
Real-time search allows a user to run a query and get back the top URLs and stories. Queries can be specific phrases such as Portlandia or filtering by criteria, for example, with stories about food that people are reading about in San Francisco. The search can then be drilled down to view by multiple different categories. Bitly calls this a “story.” It gives the user a look at the aggregated data for a group of related links that are about the same thing. Attention spikes are a different take on search that more reflects what topics are getting attention.
From the Bitly blog: For example, “giant squid” is bursting today because of this story: Giant Squid Captured on Film. With metadata about URLs, Bitly is providing an analysis on the content of each URL. Documentation for the APIs is available on the Bitly dev site and in its Python library. Using Reverse Auth. While the Twitter framework for iOS provides an incredibly easy way to make authenticated calls on behalf of a user to the Twitter API, you may find the need to process a user’s Twitter data on your server. To faciliate this, Twitter provides an endpoint that allows you to obtain the user's OAuth tokens for your own application. The process is called Reverse Auth. Before We Start Reverse Auth is still OAuth. The reverse auth flow is not a complicated process, but it does require the ability to make a signed request. As such, you should be familiar with the Authorizing a request before attempting to use the endpoint. The Twitter framework (iOS5) or Social Framework (iOS6+) is required.
Step 1: Obtain a Special Request Token First, you make an HTTPS request to the Twitter Request Token URL with your application's consumer key. Warning The tokens used here are for demonstration purposes only, and will not work for your project. API - Google+ Platform. The Google+ API is the programming interface to Google+. You can use the API to integrate your app or website with Google+. This enables users to connect with each other for maximum engagement using Google+ features from within your application.
View the Google+ API reference overview with resources People, Activities, Comments and Moments. Note: The Google+ API currently provides read-only access to public data. Quota Your application is limited to the number of API calls it can make by a usage courtesy quota. Google+ API (Sign-in) - For methods that are allowed by the scope (people.get, people.list, moments.insert, moments.remove and moments.list) Google+ API - For all other methods Each group has its own limit, which applies to the total of all API calls in that group. Authorization Many API calls require that the user of your application grant permission to access their data.
API Calls GET Data Formats. - App.net API Documentation. New Twitter API Drops Support for RSS, Puts Limits on Third-Party Clients. Current status: API v1.1. Changes coming in Version 1.1 of the Twitter API. At the end of June, I wrote about how we’re working to deliver a consistent Twitter experience, and how we would soon introduce stricter guidelines about how the Twitter API is used.
I’d like to give you more information about coming changes to the API and the migration plan while offering insights into today’s Twitter ecosystem and why we’re making these changes. In the coming weeks we will release version 1.1 of the Twitter API. To help you plan ahead, we’re announcing these changes now, before the new version of the API is available. Changes will include: required authentication on every API endpointa new per-endpoint rate-limiting methodologychanges to our Developer Rules of the Road, especially around applications that are traditional Twitter clients.
Authentication required In version 1.1, we will require every request to the API to be authenticated. Per-endpoint rate limiting In version 1.1, we will provide per-endpoint rate limiting on the API. API v1.1 migration period Looking ahead. SDK for iOS - Développeurs Facebook.
Google+ API.