Twitter OAuth app best practice



As a web developer - I have several clients who display their own tweets on their own website, and as such I’m trying to figure out what the best practice would be for getting access tokens.

I realise that setting up a single ‘timeline reader’ app on my own twitter account would probably eventually fall foul of rate limits as the number of visitors and sites increased - even with some caching.

So do I:
#1 - Set up an app on my own twitter account (where I can look after it) for each website or
#2 - Get them to set up apps on their own twitter accounts and let me have the access tokens / keys? (or let me into their accounts one time to do it for them)

It seems to me that #1 is best because it doesn’t involve me needing to ask for access to their accounts to do setup or talking them through it / emailing tokens and keys around. Also, if they wanted to change provider away from me later, their new provider could trivially set up a new app?

I just thought I’d check, though.


you don’t need either see


just google twitter for websites and embedded tweets I think will do you fine.


I need a little bit more control over the rendering so I prefer to work with raw data, and want the latest tweet(s) rather than having a specific tweet ID.

I’ve already got the code that can auth with twitter and get the data out, the question was simply who should control the app that contains the tokens and secrets.