Accounts being flagged for automated activity, but not our API



Many of our clients accounts are getting marked for automated activity, and even when they disconnect their accounts from our services, they continue to have to reauthenticate for automated activity.

Some of our clients may post the same content to multiple accounts. Our clients are school districts and when they close school, they often will push a message to all their school level accounts that school is closed. The content is the same, but this is a unique case as having the same content on multiple accounts isn’t viewed as spam but appropriate and even expected in this case (their websites do the same thing).

Is there a way to allow for this because of the special use case here for K12 school districts? Also, how can our clients not have their accounts continue to be flagged for automated activity even after they are no longer affiliated with any 3rd party systems?

What would cause an account to need to be re-authenticated due to automated activity?

Hi! Thanks for posting.

Unfortunately, we can’t discuss specific applications or accounts on the forum. However, I can share some general guidance about these kinds of authentication issues:

We use a variety of techniques to detect potential automation on our service — including attempts to log in to Twitter using automation (separate and apart from the OAuth authorizations your application would use to post content on the user’s behalf). Please note that any attempt to script or automate logins to Twitter may result in enforcement actions against accounts. If you or your users are employing any form of non-OAuth authentication (including scripting the Twitter account login screen), you should discontinue the use of those authentication methods immediately.