OAuth and user id issue


#1

Hi all,
I’ve a twitter based application. It uses OAuth protocol for authenticating users who use my app. Now I just wanted to get some doubts cleared on two aspects.Firstly, is there any possiblity that a user’s OAuth acces token which is normally of the format <user_id>-random_string used to access his/her details be changed by twitter from its end. As in, can twitter change the access token for a particular user.

Secondly, the user-id that is sent from twitter end after the authentication is done for a user, is it a 6 digit integer and unique for every user?If its a six digit integer/character then how would uniqueness be maintained as it would get repetitive after 1 million users. And what is the significance of this user id(apart from makinf spefic api calls like fetching timelines etc…) ?

Please do help in clarifying the above doubts as it would greatly help me in solving some problems that my app is currently facing.

Thanks,
Avinash Prasad


#2

Hi all,
Sorry to post back the same question again as I could not get nay answer or helpful pointers on the issues that I’m facing. So here it is once again.
I’ve a twitter based application. It uses OAuth protocol for authenticating users who use my app. Now I just wanted to get some doubts cleared on two aspects.Firstly, is there any possiblity that a user’s OAuth acces token which is normally of the format -random_string used to access his/her details be changed by twitter from its end. As in, can twitter change the access token for a particular user.

Secondly, the user-id that is sent from twitter end after the authentication is done for a user, is it a 6 digit integer and unique for every user?If its a six digit integer/character then how would uniqueness be maintained as it would get repetitive after 1 million users. And what is the significance of this user id(apart from makinf spefic api calls like fetching timelines etc…) ?

Please do help in clarifying the above doubts as it would greatly help me in solving some problems that my app is currently facing.

Thanks,
Avinash Prasad


#3

Hi Avinash,

The strings representing access tokens can change over time for a specific user. Any time a user revokes your application’s permissions or any time the user goes through a permission change of any kind (like read-only to read-write or read-write to read-write with direct messages), the access token strings will change again.

It’s best to consider the strings themselves completely opaque. They’re representations of a specific access state. At this time, our oauth_token field of an access token is a string preceded by a dash an an integer representing the user’s ID on Twitter. This shouldn’t be relied on in any way. The length of these strings will continue growing along with the user base at this time.


#4

I accidentally revoked SoundHound application access to an account and after several re-installs of twit, soundhound, among other comp/software updates… the app is still not allowing me to grant access. Help