I created a Twitter application and could login Twitter with OAuth.
However I could not find callback or status check API for “Revoke access” at Twitter Applications settings.
When I use Facebook API, this has Deauthorize Callback Url setting. This callback will be called when user remove the application at settings page.
Does Twitter API have such APIs or settings? If there is not such “Deauthorize Callback Url” settings, I would like to check my application authorization status at an user. How can I do such things and which api should I use?
1 Like
You can’t get notified when someone revokes access as far as i know - but you can use GET account/verify_credentials | Docs | Twitter Developer Platform to test if the tokens are good. Or any other endpoint - if the tokens were revoked, you’ll get a “not authorised” error.
2 Likes
Thank you for your answering! I’ll try these ways.
Is keeping the user’s twitter data after they revoke the app GDPR compliant?
I think No, not compliant. But that’s a better question for a GDPR lawyer.
If Twitter does not provide an ‘revoke’ web hook so we can be notified when a user revoke’s access, then how should apps handle this? Run a daily cron job to make sure we still have permission to store the data?
Run a daily cron job to make sure we still have permission to store the data?
Sure, thet’s not a bad idea - you can use GET account/verify_credentials | Docs | Twitter Developer Platform endpoint or any other endpoint to check - if the app is authorized, the call will succeed.
I agree though, it would be way easier to have a callback for when someone revokes access so cleanup can be done.
1 Like
system
Closed
#8
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
