Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Twitter Social Networks Software The Internet Technology

Twitter Restricts Client Developers 96

New submitter atsabig10fo writes "Twitter has finally released the hinted-at changes to their API, which include limiting the number of users for third party clients, per-endpoint rate limiting, and restrictions on how tweets can be displayed and posted. Twitter's Michael Sippey wrote, 'One of the key things we've learned over the past few years is that when developers begin to demand an increasingly high volume of API calls, we can guide them toward areas of value for users and their businesses. To that end, and similar to some other companies, we will require you to work with us directly if you believe your application will need more than one million individual user tokens.' Third party app developers are certainly going to be sweating these changes, and it puts the future of new development in question."
This discussion has been archived. No new comments can be posted.

Twitter Restricts Client Developers

Comments Filter:
  • by Anonymous Coward
    Anyone know if this applies to the (otherwise quite separate) Search API as well, or only to the more full-fledged Twitter API?
  • by fuzzyfuzzyfungus ( 1223518 ) on Friday August 17, 2012 @07:54AM (#41022553) Journal

    "Hey guys, I've been thinking that maybe we need some new ideas on how to make our product less popular. Yeah, I know that we have to contend with network effects and a fairly strong first-mover advantage; but so did Myspace, we can do this, people! The service we offer is technologically totally fucking replaceable, and its continued viability depends on a pleasant UX for all the non-bots in our subscriber base."

    "Say, your mention of UX gives me an idea... What if we were to start fucking around with the 3rd parties who produce the most popular interfaces to our product? If I remember, AOL's endless game of cat-and-mouse over OSCAR clients totally helped them retain relevance in the IM space..."

    "Man, that is Genius! If we do this right, the name 'twitter' will come to mean 'Just like xmpp, only far less versatile and run by assholes' within the month. Get to it!"

    • Twitter is working to make their developer ecosystem not smaller but more selective.

      • by svick ( 1158077 )

        Ehm, doesn't "more selective" imply "smaller"?

        • by i_ate_god ( 899684 ) on Friday August 17, 2012 @08:35AM (#41022869)

          I have space for 1000 fruit. If I selectively pick 1000 apples, I still have a 1000 fruit.

          • by Captain Hook ( 923766 ) on Friday August 17, 2012 @08:59AM (#41023125)
            except you don't have space for 1000 fruit, you have pretty close to infinite space and you are artificially limiting selection to 1000 apples... also, don't you dare try to slip an orange in there, everyone knows apples are the king of fruits and everyone should therefore be happy to be restricted to just apples.
            • Would someone explain to me this fruits stuff? I don't understand the metaphor? Someone doesn't like Apples? Yeesh!

            • "Infinite space"? You think managing, developing and maintaining that massive infrastructure, the software, the data centers, the increased server loads, the sysadmins and programmers ... you think that all costs nothing?

            • by mwvdlee ( 775178 )

              Could you please point me the hosting company that provides these close-to-infinite cpu cores, close-to-unlimited bandwidth servers?

          • by gl4ss ( 559668 )

            ..and you leave the 100000000 other fruit to rot. good thinking!

            it's just that if you have 100 000+ users you'll going to start bleeding money twitters way, by ads or cash.

            prediction? a bunch of clients pop up that use the twitter website api/access and pretend to be a browser.

            • prediction? a bunch of clients pop up that use the twitter website api/access and pretend to be a browser.

              Prediction: More CAPTCHAs on Twitter.com.

      • "Twitter is working to make their developer ecosystem not smaller but more selective."

        (1) You can't make it "more selective" without making it smaller.

        (2) It doesn't matter what they're working toward, because what they are going to get is abandonment of Twitter en masse.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      "Hey guys, I have been thinking that maybe we need a way to prevent clueless developers from DDOSing us with their client." Is probably more it.

      • by ledow ( 319597 ) on Friday August 17, 2012 @08:09AM (#41022663) Homepage

        Provide API keys.

        Revoke API keys of programs that abuse the system.

        Not really that hard. I should think API DDoS is the least of their worries, to be honest.

      • Re: (Score:3, Informative)

        by trnk ( 1887028 )
        From TFA: 'Nearly eighteen months ago, we gave developers guidance that they should not build client apps that mimic or reproduce the mainstream Twitter consumer client experience." And to reiterate what I wrote in my last post, that guidance continues to apply today.'

        This language certainly goes beyond just discouraging 'bad' implementations.
    • Commercial services where the primary service is free (facebook, twitter, etc) have to strike a balance.

      Having lots of users is pretty pointless if very few of those users are seeing any adverts (because they access via third party clients) or directly paying anything. Conversely having a relatively high income per user is pretty pointless if you have very few users.

      • Having lots of users is pretty pointless if very few of those users are seeing any adverts (because they access via third party clients)

        If Twitter integrates ads directly into the message stream how would third party clients be blocking ads?

        I know Twitter does this today (in at least the Twitter iOS client), I just don't know if ads actually go into the message stream for third party clients - but they could.

    • by jbolden ( 176878 )

      They don't care about popular if it doesn't translate into revenue. Control of promoted tweets and the unique ability to sell the stream to search engines are the two revenue sources. I would assume those are the two things they don't want to have applications alter.

      The big problem is when you start doing crossovers with other applications (like facebook) you have to create a unique search that isn't twitter specific...

    • Twitter don't actually make money (revenue, yes) but they've been losing money for years ... http://gawker.com/5891675/twitters-secret-history-as-the-worlds-worst-tech-or-media-business ... obviously there eventually comes a time when you have to start trimming expenses while looking to raise revenue, you can't keep losing money forever. Being popular and having lots of users and "network effects" is actually a bad thing when your entire business model is based on simply losing more and more money for every

      • Honestly, I think twitter is pretty screwed. Their centralized architecture means that every user costs them money, less whatever they can scrape back on low-value consumer advertising embedded in feeds; but unless they can point to a giant mass of authentic users, the potentially more lucrative analytics types are going to be a very hard group to attract. As a generic messaging middleware platform they are highly limited and not terribly reliable, so they attract only the lowest value bot traffic in that a

        • I'd be inclined to suggest that this is one of those 'just because you have a problem doesn't mean there is a solution' situation

          I also suspect that might be the case, though admittedly I haven't spent much time contemplating their potential business model(s).

  • by Anonymous Coward on Friday August 17, 2012 @08:00AM (#41022597)
    Lets say you want to go over 100,000 users. Your application name is: Twitterextender. Just make Twitterextenderblack, Twitterextenderplus, SuperTwitterextender, etc etc. Make a new version for every 100,000 users you hit. Would this get around the arbitrary limit? They are different aps if you change the color and/or some trivial functionality.
    • by larry bagina ( 561269 ) on Friday August 17, 2012 @08:09AM (#41022659) Journal
      Twitter has to approve third party applications and can revoke your access at any time.
      • by pla ( 258480 )
        Really? And how do they plan to stop me from completely ignoring their API and just faking it via HTTP, as though the user had actually logged in through a web browser? Anything they can test for, I can respond accordingly.

        Devs only use the API instead of spoofing it because the API gives them more flexibility. Take that away, and they can expect their direct "web based" usage to skyrocket.
        • by ZorinLynx ( 31751 ) on Friday August 17, 2012 @09:10AM (#41023247) Homepage

          That's not going to work. Web scrapers break when you make the slightest changes to the way the web page is delivered.

          If Twitter notices a lot of scraping going on? Tweak the page slightly. Then 573 scraper developers have to update their code. How many times will this happen before they give up? I'm betting not many.

          I'm extremely pissed off at the way Twitter is trying to push away third party clients. TweetBot is AMAZING, and FAR superior to Twitter's own client. If they put as much effort into developing their client as they are restricting the API and whining about this, it could probably better. But of course they don't.

          • If Twitter notices a lot of scraping going on? Tweak the page slightly. Then 573 scraper developers have to update their code.

            Why do all the applications doing the scraping need to have their own scraping library? You just need one open-source Twitter scraping library that provides an abstraction layer (preferably, one that provides a nice, pleasant API that remains stable as the implementation gets updated to adapt to changes on the source website.)

            • You just need one open-source Twitter scraping library

              In other words, one single point of failure for Twitter to sue. Who remembers bnetd?

          • "That's not going to work. Web scrapers break when you make the slightest changes to the way the web page is delivered."

            The way it's delivered doesn't change. You mean content. But a properly-designed scraper is not that fragile anyway. And if something does break, it notifies the developer, and it's fixed in a few minutes.

            • And if something does break, it notifies the developer, and it's fixed in a few minutes.

              Plus two weeks for the curator of the platform's monopoly application store to approve the fix.

              • "Plus two weeks for the curator of the platform's monopoly application store to approve the fix."

                Not in my experience. And I used to do these for a living. It's fixed in a few minutes.

        • by jbolden ( 176878 )

          Mostly they don't care. The way they generate revenue is by selling their stream to search engines (which the scraping method would be useful for) and by selling position on search (which scraping methods would preserve). As long as you aren't manipulating the data on your side, your fine.

          Now of course you could pull down thousands of search results, scrape and reorder via. a scrape. And then at that point they need to start breaking the scraping apps.

    • by middlemen ( 765373 ) on Friday August 17, 2012 @08:45AM (#41022969)

      Make a new version for every 100,000 users you hit.
      ...
      They are different aps if you change the color and/or some trivial functionality.

      Finally a logical reasoning why Microsoft has multiple versions of Windows!

  • by Anonymous Coward on Friday August 17, 2012 @08:00AM (#41022603)

    I'm not sure why someone hasn't built a Twitter clone that just runs on top of IRC. Twitter is in many ways web IRC already.

    • by tgd ( 2822 ) on Friday August 17, 2012 @08:11AM (#41022673)

      I'm not sure why someone hasn't built a Twitter clone that just runs on top of IRC. Twitter is in many ways web IRC already.

      Simple. You can be assurred that 99.999% of Twitter's users don't care in the slightest about this, and the value of Twitter is its user base.

      Its the exact same reason none of the "free" social networking projects have made even a tiny blip in the public awareness, and will never overtake Facebook.

      Twitter and FB have done something that MySpace never did -- transitioned out of a finnicky group of users (kids who try new things all the time) and got broad usage among the pool of people who don't. (Adults who have better things to do with their time then chase the latest trend.)

      • by allo ( 1728082 )

        or xmpp.
        look at movim and buddycloud.

        anything on top of existing systems like irc or jabber would be great.

      • by BenJury ( 977929 )

        Adults who have better things to do with their time then chase the latest trend.

        Right, but will they install a new app when their one stops working?

        Anyway its the kids that set the direction, if it became cool to use G+ so all the kids switched, as they get older G+ will become dominant as everyone and their piers (and their celebrities) are on it and it would bubble up to the 20-25 year olds in 5 years time. So us oldies aren't important really, yeah we prop up the numbers now but aren't the future. So Twitter should be wary of alienating the 15year olds as they do so at their peril.

  • Translation (Score:5, Insightful)

    by ortholattice ( 175065 ) on Friday August 17, 2012 @08:04AM (#41022627)

    "...we can guide them toward areas of value for users and their businesses..." = we can charge you money

    . "To that end, ...we will require you to work with us directly..." = therefore, we will charge you money

  • by Anonymous Coward

    I've been on imageboards for years and years, yet that diagram from TFA [twitter.com] and the words beneath it are the most offensive things I've ever seen. I don't think I can look at either of them directly.

    • Unfortunately, problems of this nature can likely only be solved by social pressure.

      If more people responded to the phrase "Yeah, I'm in branding-centric social media analytics." in the same way that they would respond to the phrase "I can't get off unless the puppy is bleeding.", there would almost certainly be less of this in circulation.

  • Stopping Spam? (Score:5, Interesting)

    by hazzey ( 679052 ) on Friday August 17, 2012 @08:19AM (#41022745)
    It sounds like this might be in response to all of the reports of massive amounts of spam accounts: http://news.slashdot.org/story/12/08/14/1851243/inside-the-real-economy-behind-fake-twitter-followers [slashdot.org] This might be one way to reduce the ease that the spam-twitter-herders work while at the same time providing a bit of income.
  • by Johann Lau ( 1040920 ) on Friday August 17, 2012 @08:48AM (#41023001) Homepage Journal

    1. What sites are out there that implement OStatus? I know of

    http://rstat.us/ [rstat.us]
    http://identi.ca/ [identi.ca]
    http://status.net/ [status.net]

    2. What good and complete tutorials are there for implementing OSTatus? The ones I tried broke my brain. I want less theory and words, at least initially, and more (pseudo) code. Let's start simple: What do I need to do to make my CMS "folllowable" from the three sites above, for example? Too much theory makes me impatient, I need something simple that works and which I can enhance/refactor. So far, I'm stumped. Help? Any other ideas?

    One thing is sure, Twitter has never been anything but shit, same for facebook, and app.net is just another dead end, too. So let's skip to the non-bullshit part, even though it's tedious and scary (certainly for me ^^), and get to the actual protocols that are not just a waste of time...

    Why shouldn't [blogging or forum software of choice] support OStatus? Why should you not be able to "follow" posters, threads, categories or tags -- ? And if OStatus isn't good enough for that, what is, or how can we make it? I say "we", though I'm a shitty coder, but you get the idea.

    • by Rozzin ( 9910 )

      1. What sites are out there that implement OStatus? I know of

      http://rstat.us/ [rstat.us]
      http://identi.ca/ [identi.ca]
      http://status.net/ [status.net]

      To start with, every site running StatusNet implements it. Here are a few lists of independent StatusNet sites:

      There's also an OStatus plug-in for WordPress [wordpress.org], a set of OStatus-bridge apps for Facebook, Twitter, and Google+ [snarfed.org].

      And there are plenty of

      • I thank you from the bottom of my heart :)

      • I spoke to soon :/ (well, except for the list of OStatus sites, thanks again for that)

        Start with `How to OStatus-enable Your Application'.

        That page isn't very in-depth (to put it mildly.. it doesn't even link to the homework, much less info like "here are the possible requests, here's what you reply to them", some kind of example exchange between servers, etc.), and the links that *are* on it, are mostly 404:

        You should at least implement the http://schemas.google.com/g/2010#updates-from [google.com] Link to link to your

        • by Rozzin ( 9910 )

          That page isn't very in-depth (to put it mildly.. it doesn't even link to the homework, much less info like "here are the possible requests, here's what you reply to them", some kind of example exchange between servers, etc.),

          Yeah--it's an extremely high-level overview, for the most part.

          The paragraph at the top of the page (about how the first, and possibly most significant step is almost a no-op in most cases: PuSH-enabling your RSS/Atom feeds so that people can subscribe to you) is pretty valuable even b

          • by Rozzin ( 9910 )

            It looks like the URLs that those links really *should* be pointing at are:

            • http://webfinger.net/
            • http://ostatus.org/specification
            • http://www.w3.org/community/ostatus/

            Oh, and of course:

            • http://salmon-protocol.org/
          • Thanks! Yeah, if all fails, I'll just look at something else that implements it; with a combination of docs and that, and some stubborness to make up for coding genius, I'll get there. And then I hopefully won't be too lazy to make a summary of my findings, ie. the tutorial I'm currently missing :)

  • by medcalf ( 68293 ) on Friday August 17, 2012 @08:48AM (#41023005) Homepage
    They are requiring authentication at all endpoints, at least in part to prevent mass public reading of data. But this can be done through the web interface without authentication, and a programmatic web interface is not difficult to write. All that's needed is a burner user (or set of them, if Twitter is going to be diligent about shutting them down). Since it's all automatic, the real-time services are impacted, but the spamming, data mining and other potentially nefarious uses which do not require real-time data would be unimpeded, beyond a few days to put together a client to get this information differently and the effort of automating account creation. In other words, major inconvenience for legit app developers, but minor inconvenience for those who are looking to abuse the system.

    Additionally, if you are building a Twitter client application that is accessing the home timeline, account settings or direct messages API endpoints (typically used by traditional client applications) or are using our User Streams product, you will need our permission if your application will require more than 100,000 individual user tokens.

    We will not be shutting down client applications that use those endpoints and are currently over those token limits. If your application already has more than 100,000 individual user tokens, you'll be able to maintain and add new users to your application until you reach 200% of your current user token count (as of today) — as long as you comply with our Rules of the Road. Once you reach 200% of your current user token count, you'll be able to maintain your application to serve your users, but you will not be able to add additional users without our permission.

    In other words, if you build something like TweetBot (or Tweetie, which is now Twitter's official mobile client!), you can't get bigger than 100,000 users. So no point in spending time building a better Twitter client: if it's good enough to get used, it can't get used. This seems ... counterintuitive ... if your goal is to have a successful platform.

    We hope that all of this information gives you more clarity around where we are headed with API v1.1.

    It does give clarity. It clarifies that Twitter is angering the very developers who are both motivated and capable of building a system to replace it. Also, this means that client innovation (the same innovation that brought hash tags, @ references and tweet discovery) will slow dramatically, which in turn opens up niches for competing services to capitalize on.

    All in all, this smells like a huge error on their part.

    • I'm convinced that they bought Tweetie and made it the official client because it was always the LEAST interesting client. It was functional, but bland; it was the plain porridge of twitter clients. Everyone else experimented with different views, different ways to manage this or that...but not Tweetie.

      TweetBot is the best twitter client around. It's actually so good, I ended up using the Twitter List feature, which is effectively impossible to use well unless the client also does it well. Now I don't bothe

  • Alright, so this is the part that baffles me:

    Nearly eighteen months ago, we gave developers guidance that they should not build client apps that mimic or reproduce the mainstream Twitter consumer client experience." And to reiterate what I wrote in my last post, that guidance continues to apply today.

    Ok, so developers need to do something to differentiate. Got it.

    We will require all applications that display Tweets to adhere to these [twitter.com]. Among them: linking @usernames to the appropriate Twitter profile, displaying appropriate Tweet actions (e.g. Retweet, reply and favorite) and scaling display of Tweets appropriately based on the device. If your application displays Tweets to users, and it doesn't adhere to our Display Requirements, we reserve the right to revoke your application key.

    Right! So developers shouldn't build client apps that mimic or reproduce the mainstream Twitter experience - and instead they should differentiate by building apps that adhere strictly to the UI requirements. These requirements provide explicit detail as to how to create a client that mimics and reproduces the mainstream Twitter experience.

    Wait, how's that again?

    • Translation: If we don't like you we'll either shut you down for 1) Mimicing or reproducing the "mainstream Twitter consumer client experience" or 2) NOT mimicing or reproducing the "mainstream Twitter consumer client experience" (at all or not closely enough).

      They're just given themselves the ability to shut down any app they want at any time. In addition, apps can't grow too big. Don't want them competing with Twitter if someone uses their APIs to make something better than the official Twitter webpage/

    • Right! So developers shouldn't build client apps that mimic or reproduce the mainstream Twitter experience - and instead they should differentiate by building apps that adhere strictly to the UI requirements. These requirements provide explicit detail as to how to create a client that mimics and reproduces the mainstream Twitter experience.

      There may be something you are missing here. The "don't mimic or reproduce the Twitter client experience" applies to all apps. The UI requirements that seem to mimic and

      • Right! So developers shouldn't build client apps that mimic or reproduce the mainstream Twitter experience - and instead they should differentiate by building apps that adhere strictly to the UI requirements. These requirements provide explicit detail as to how to create a client that mimics and reproduces the mainstream Twitter experience.

        There may be something you are missing here. The "don't mimic or reproduce the Twitter client experience" applies to all apps. The UI requirements that seem to mimic and reproduce the Twitter client experience only apply to apps that display tweets. There would seem to be plenty of possibilities for Twitter API-based apps that don't "display tweets to users", but instead perform analytical functions, etc.

        Yes, exactly true. But no possibilities for the apps the people who are generating content (that is, the people who post the tweets that make the service interesting to other people) want to use. As they made clear with their stunning infographic, focus is moving away from the users.

        I'm not sure, logically, how increasing focus on analytics and business use cases while discouraging consumers from using the product will get them there, but at least they've a plan to monetize -- which is better than running

  • Nonono, you misunderstand... My "SuperTwit" client doesn't require more than a million user tokens... SuperTwit A requires 900k, SuperTwit B requires 900k, and SuperTwit C requires 538k. Sure, they all look very, very similar, but hey, some people just don't like the letter "A" as much as "B", and so on!

    Yeah, I don't suspect Twitter would fall for it. More to the point, however, if more than a million of your users want to use client-X, why the hell would you tell them "no"?
    • I suspect if anyone tried the "SuperTwit A, B, C, D, ..." approach, they'd find all of their "SuperTwit" keys revoked.

  • by Anonymous Coward on Friday August 17, 2012 @08:57AM (#41023101)

    And this is why you should never base your business model atop someone else's product. Because that way your always at their whims.. I would only consider building atop another system if your life cycle (development and bringing to market ) is measured in months, and you have an exit plan ready to go.. otherwise get ready for restrictions once root company actually needs to make money and satisfy investors...

    • "If I have not seen further it is by standing on ye chests of prone midgets"

      To be completely fair, if you have something patentable in your business or operational model, and you patent it, said root company would have the option of buying you out or losing the functionality driving people to their service in the first place, leaving you room to make a similar service with your patented components intact and drive them under. For the most part, Twitter add-ons do not add significant value to Twitter.

    • And this is why you should never base your business model atop someone else's product.

      Yet just about every single successful video game or other commercial application for home use is based atop one of ten products: Microsoft Windows, Microsoft Xbox 360, Sony PlayStation 3, Sony PlayStation Vita, Apple Mac OS X, Apple iPhone/iPad, Nintendo Wii, Nintendo DS, Google Play Store, or Adobe Flash Player.

      I would only consider building atop another system if your life cycle (development and bringing to market) is measured in months

      Thus we have an exception to "never".

  • by DdJ ( 10790 ) on Friday August 17, 2012 @09:27AM (#41023467) Homepage Journal

    I've had two ideas so far that might help address this.

    First: correct me if I'm wrong, but if you're using an open source Twitter client, would you be able to obtain your own API key and use that? So, in theory, open source clients should have no trouble with the "no more than 100,000 users per API key" issue. Could even set up infrastructure for automatically distributing and using sets of API keys, no?

    Second: if it gets too bad, switch from using "the twitter API" to "SMS". Just use SMS forwarding, point it at something like your Google Voice account, and forget there is an official "API".

    (Or are they talking about killing the SMS gateway function too?)

    • When you access the Twitter API, you need 2 things: An API key for the app itself and a client key for the user. Yes, users might be able to register their own versions of OpenSourceTwitter, get their API keys, and put them into the app getting around the limitation, but I see a few problems.

      1) It would be difficult for many users to do this. Right now, apps require you to enter your username and password. Some just require that you authorize them by clicking a button. You'd be replacing this with a mul

  • Well, at least this explains why the Twitter-released versions of Tweetdeck are utter garbage compared to the old versions released by Tweetdeck Inc. before they were gobbled up by Twitter..
    • Yes, it most certainly does. I wondered at first why they would take a good application and dumb it down. But after giving it some thought, I saw what they were doing.

      I've been anticipating the day when they'd do this, for close to 2 years now.

      By the way: I still use a pre-acquisition version of TweetDeck, as do many other people I know. I tried the Twitter version and went right back to the old one.

"To take a significant step forward, you must make a series of finite improvements." -- Donald J. Atwood, General Motors

Working...