My application tweets as me instead of the application name


#1

I have a desktop application called WindowSMART 2012 (http://www.dojonorthsoftware.net/TBM/WindowSMART.aspx) which monitors the health of hard disks and solid state disks in computers running Windows. WindowSMART can send disk health alerts via a variety of means including email and mobile devices. I’ve had requests for Twitter integration so I set up a Twitter application called WindowSMART 2012 at http://dev.twitter.com.

After reading the instructions I was led to a C# API called Twitterizer, and this helped with working with OAuthTokens. I set up my Twitter application with all the necessary fields filled out, callback URL, etc. Twitter generated a Consumer Token and Consumer Secret key for me.

I then used Twitterizer to direct new users to Twitter to authorize the app. In providing my consumer key and secret to the authorization, the user is directed appropriately to authorize WindowSMART 2012. So far, so good. The user authorizes the app, and is appropriately given back an Access Token and Access Secret. Again, everything seems to be working as planned.

I then create a new OAuthToken object with the consumer token and consumer secret, as well as the user’s access token and access secret, and generate a tweet. Twitter’s response code indicates success.

Unfortunately, when I go out to my Twitter feed, the tweet is there–but it’s posted by me! So the tweet shows up posted by Matthew Sawyer, and there is no indication at all to indicate that the tweet was generated by WindowSMART 2012. I would expect the tweet to be posted by WindowSMART 2012, not by me.

I read the FAQ here https://dev.twitter.com/docs/faq#5812 and that says the tweet should take the application’s identity but it isn’t. It takes on my identity.

What am I doing wrong?


#2

Are you saying that the author of the Tweet ends up being your own Twitter account rather than the one represented by the access token you used in the request? If this is the case, it’s likely that you’re re-using some kind of hard-coded access token representing your own account instead of the end-user’s. Applications don’t tweet – users tweet through applications.


#3

yes I would love to know which website/app I permitted (when signing with twitter) is posting status as mine through my account, that would help me to find the right app and revoke access. I don’t want to revoke to wrong app. Is there a way to find which app accessed last time and posted on my account?


#4

Speruuuuuuuuuuuuuuuuu