Requesting a Read-Only xAuth Token



Looking for any help or ideas that people may have about this - or, if you’ve had a similar situation occur and can share your experience, that would be helpful. Currently working on a project that employs a Twitter account with a supplied xAuth token. My understanding is that this token allows read-write, when our requirement is that the token be read only.

Is there a way to request a new ‘read-only’ token that can be used in the application, without invalidating the existing token? We would need to replace the existing token with the newly generated one, and then update the app, so there was no interruption in service.

Anyone have experience with this? Thanks in advance for your help!


For an access token to transit from one permission level to another, the strings that represent it will change. You wouldn’t be able to negotiate the token at a different access level without temporarily invalidating the previous representation of your access token. You’ll have to plan for some downtime to make the transition.