Search API v1.1 and Authentication


#1

We are building an site that will perform a search on Twitter. We are currently using the Search API here: https://dev.twitter.com/docs/api/1/get/search with the http://search.twitter.com/search.format URL endpoint. We want to start using the v1.1 API to future proof and it seems from this page that authentication is required: https://dev.twitter.com/docs/api/1.1/get/search/tweets

We don’t want to be authenticating the visitors to our site, but rather we just want to authenticate the app making the requests. But it appears this isn’t available yet from this page: https://dev.twitter.com/docs/auth/oauth#user-context

My question is what should we do to keep using the Search API? If we try to use 1.1 we will need to authenticate, but we can’t authenticate an app. If we use 1.0 we will have to update the site to use 1.1 at some point in the very near future. Am I missing an option or a detail?

Thanks!


#2

Run an application in the background that authenticates using a single credential (yours for example) and stores all search results locally (in a db for example). The web page would then display the locally stored results.


#3

You will want to require your end-users to authenticate. It’s the best way for you to grow your access level to meet the number of users using your application. There’s no date yet when a userless context for auth will be available in 1.1, but you can somewhat emulate this behavior through usage of a dedicated access token. However, you’ll still only be able to perform 180 queries per 15 minutes on behalf of your entire user base that way. It’s best to leverage user-based auth instead.


#4

Taylor, what about the plans for the userless context? Is there a date already or any other information?


#5

There’s no date announced yet but we’re busy getting it ready.

It’s best to remember that the spirit of API v1.1 is that you need access tokens to scale your usage of the API. The rate limits for application-only auth’s variant of the Search API are not going to be exceptionally high. Most developers will still want to leverage full user token-based OAuth when using the Search API. Implementing use with a single access token is possible today and, while the ease-of-use will be much simpler with application-only auth, the rate limiting scenario will be pretty similar to a single access token scenario.


#6

Thanks for the update!


#7

What was the problem with the old IP based limits used with v1 search?


#8

NIce


#9

Good morning … I want a page Languages