I’m working with a University that uses Twitter to post news (events, rewards they got, new classes, etc). We develop an iOS and Android app so students can keep up with their classes, check library loans, check the parking occupation and display the same news posted on Twitter.
Right now we are using the REST 1.0 API and I want to upgrade to 1.1 for two reasons: 1) Increase the request limit and 2) Be ready for the 1.0 full deprecation.
So I was checking the proper authentication method and couldn’t find something that would fit what we need, but let me put a bit more information here:
I can’t ask the user to use his/her account. I won’t be posting or checking his/her subscriptions, I’ll be checking a single account (the University account). Also, maybe the user doesn’t have a Twitter account or doesn’t want to set it up on their mobile.
I can’t simply create an OAuth token and embed it in the application 'cause that would mean that all students would consume the limit of the token; with 2500 people already using the iOS app (and about the same using the Android version), the rate limit for the token would be reached pretty fast.
The current implementation (with API 1.0) may already have a rate limit problem due the fact that the University provides a wireless network to all students. Although they have several external IPs, in our test cases (with some staff and teachers) the rate limit is being reached.
As far as I can see, the best solution in this case would be using xAuth and authenticate with the University account, getting a new token for each mobile, preventing reaching the rate limit. Am I in the right track?
(The “best best” solution would be an application-based request, but I can’t find anywhere to ask for it or how to use it.)