{"id":20,"date":"2010-09-03T00:23:32","date_gmt":"2010-09-03T00:23:32","guid":{"rendered":"http:\/\/blog.soton.ac.uk\/nba08r\/?p=20"},"modified":"2010-09-03T00:23:32","modified_gmt":"2010-09-03T00:23:32","slug":"twitter-api-basic-auth-to-oauth-using-single-access-tokens","status":"publish","type":"post","link":"https:\/\/blog.soton.ac.uk\/nba08r\/2010\/09\/03\/twitter-api-basic-auth-to-oauth-using-single-access-tokens\/","title":{"rendered":"Twitter API: Basic Auth to OAuth using Single Access Tokens"},"content":{"rendered":"<p>Twitter&#8217;s single access tokens work exactly  the same way as basic auth, specifically for desktop applications which  don&#8217;t necessarily require authentications by external users.<\/p>\n<p>Instead  of sending a username-password pair to the API, you now need a  four-item set of consumer key, consumer secret and two access tokens to  send to the API.<\/p>\n<p><span>Full documentation: <a rel=\"nofollow\" href=\"http:\/\/dev.twitter.com\/pages\/oauth_single_token\" target=\"_blank\">http:\/\/dev.twitter.com\/pages\/oauth_single_token<\/a><\/span><\/p>\n<p>or..<\/p>\n<p>Step-by-step guide:<br \/>\n<strong><\/strong><\/p>\n<h2><strong>1. Register your app on Twitter API<\/strong><\/h2>\n<p><span>Go to <a rel=\"nofollow\" href=\"http:\/\/dev.twitter.com\/apps\/new\" target=\"_blank\">http:\/\/dev.twitter.com\/apps\/new<\/a> or  dev.twitter.com &gt; Your Apps &gt; Register New App<\/span><\/p>\n<p>Registrations  are automatic, unlike whitelisting, so you get approved straight away.  You don&#8217;t necessarily have to have an &#8216;app&#8217;, just a description of what  you&#8217;ll be using the API for.<\/p>\n<h2><strong>2. View your applications<\/strong><\/h2>\n<p>Go to dev.twitter.com &gt; Your Apps, which should display all your registered apps.<\/p>\n<h2><strong>3. Get your key, secret and access tokens<\/strong><\/h2>\n<p>On the same page, you should be able to see your Consumer Key and Consumer Secret.<\/p>\n<p>On  the right-hand side of the page, click on the button &#8216;My Access Token&#8217;.  This would then generate your access token and access token secret.<\/p>\n<p>Twitter advises you to keep all four items secret and not stored in plaintext.<\/p>\n<h2><strong>4. Use all four items to access Twitter API<\/strong><\/h2>\n<p><span>You  now have to use all four items to authenticate your Twitter API  requests. The way to do this varies according to your own clients. The <a rel=\"nofollow\" href=\"http:\/\/dev.twitter.com\/pages\/oauth_single_token\" target=\"_blank\">http:\/\/dev.twitter.com\/pages\/oauth_single_token<\/a> page has some useful examples of clients using C#, .NET, PHP, Python and Ruby. You&#8217;ll have to look elsewhere for Perl clients.<\/span><\/p>\n<p>The  basic idea of single access tokens is that instead of redirecting  online users to Twitter for authentication, you bypass what they call  the OAuth &#8216;dance&#8217; by giving the API all four items it needs.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Twitter&#8217;s single access tokens work exactly the same way as basic auth, specifically for desktop applications which don&#8217;t necessarily require authentications by external users. Instead of sending a username-password pair to the API, you now need a four-item set of consumer key, consumer secret and two access tokens to send to the API. Full documentation: [&hellip;]<\/p>\n","protected":false},"author":15,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[387,388,386,385],"class_list":["post-20","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-basic-auth","tag-oauth","tag-single-access-tokens","tag-twitter-api"],"_links":{"self":[{"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/posts\/20","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/comments?post=20"}],"version-history":[{"count":5,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/posts\/20\/revisions"}],"predecessor-version":[{"id":25,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/posts\/20\/revisions\/25"}],"wp:attachment":[{"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/media?parent=20"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/categories?post=20"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.soton.ac.uk\/nba08r\/wp-json\/wp\/v2\/tags?post=20"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}