That looks simple enough. It seems Twitter uses this to increase rates limits if an application identifies itself (instead of a lower limit based on IP). It doesn't provide access to any private information, or allow the application to act as a user.
What would be the desired effect for FxA? We don't really have public APIs... Accessing a user's private information will require getting their permission. We do have Service Accounts, which allow access to all information without user action, but they require explicit registration with us, such as our use of Basket. On Sat, Nov 28, 2015, 12:37 AM Rémy Hubscher <[email protected]> wrote: > Hello, > > While reading the Twitter documentation, I realized they have an > Application-Only > authentication mechanism <https://dev.twitter.com/oauth/application-only> > that is quite easy. > > They are using client_id and client_secret in a BasicAuth fashion in order > to get a BearerToken on this URL /oauth2/token > > This could be a quite easy solution to implement I guess while reusing the > current ecosystem we have. > > Best regards, > > Rémy > _______________________________________________ > Dev-fxacct mailing list > [email protected] > https://mail.mozilla.org/listinfo/dev-fxacct >
_______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
