How can I give my own Twitter app access to my own Twitter account without building the whole authorization flow?

authorization

#1

In the case where I am building a new app, if the App needs access to my own Twitter account (for instance to fetch information through the REST API that is not publicly available), but will not need access to any other Twitter accounts ever, what is the best way to grant such access?

The Twitter documentation page “Connecting or revoking third-party applications” describes the process of granting an app access to my Twitter account as “On the website of the application you want to connect, find the button/link asking you to connect your Twitter account”. But in this case, I would first need to build this ‘Connect to Twitter’ button myself. Since the button would only be used once, by myself, this seems a bit wasteful. Is there an easier way?


#2

Sure, you can generate your own Access Tokens in https://apps.twitter.com under “Keys and access tokens” -> “Your Access Token” if you only need your own account for testing.


#3

Unfortunately it turns out that the account whose data needs to be accessed will not be the same as the account owning the app (the account owning the app will be ours, and the account whose data will need to be accessed belongs to a client, who will give us temporary access for purpose of setting this up).

Is there any other way to grant access to an app? Other than building the full authorization flow into the app?

For instance, if there was a ‘grant permission’ URL containing the app-id, which you can enter into the browser location-bar while logged in with a Twitter account that does not need to be already associated with the app, and which would show a ‘accept/decline’ dialog to grant permissions, that would be perfect.


#4

The PIN based auth sounds like what you want: https://dev.twitter.com/oauth/pin-based


#5

I looked at the PIN-based authentication. But it seems that if I want to use this to tell Twitter “From now on, this app may access the data from this account”, I still need to write code myself to make various API-calls. Which, since it will be run only once (by me) and then discarded, is what I am trying to avoid.

I’m guessing that Twitter does not simply provide an interface for purposes of telling Twitter that a given app should be allowed to access the data from a given Twitter account?


#6

It’s probably a bad example because it’s Java and overly verbose, but there’s an implementation of PIN based auth here: https://github.com/yusuke/twitter4j/blob/master/twitter4j-examples/src/main/java/twitter4j/examples/oauth/GetAccessToken.java

Since you only need the tokens you could even use that to authenticate.