OAuth Through A Firewall


#1

We are setting up an internal application which uses Twitter OAuth authentication. This application sits behind a firewall and is not currently exposed to the outside word. As I understand it I can set which port I want to use for the postback URL and allow that through my firewall but I would like to restrict access based on source address as well.

Is there a known Twitter source IP address or range of addresses which I can allow through my firewall to access the postback URL? I don’t really want to allow access from any source address.

Thanks
Scott


#2

Hi Scott,

Twitter’s servers never initiate a connection with your server. The callback is accessed through a HTTP redirect on the client’s end. So as long as the client can access the callback_url, you shouldn’t have to open ports- all other requests are initiated from your application.


#3

Hi Scott, as you know, we cannot enter a URL but need to define an IP or IP range in our firewall to connect to Twitter.com. Can you tell me if this information is available? Thanks