I am using Twitter’s Search API in my app (built in Ruby on Rails) and, given the recent changes to the overall Twitter API, I am making changes to comply with the various regulations and requirements.
However, I am slightly confused by the difference between application authentication and user authentication, so I’d like a little clarification.
To explain further, my app allows the user to search (public) tweets using keywords suggested by the user. This is the only relationship it has with Twitter - i.e. there is no functionality to post tweets via my app at all - however, I am using Twitter’s own Web Intents (https://dev.twitter.com/docs/intents) to allow users to retweet/favorite tweets from the search through Twitter itself, and also to adhere to the display requirements.
I have registered my app at https://dev.twitter.com/apps, so my app has its own consumer key and consumer secret key, and is also set at read-only. Therefore, as far as I understand, my app is authenticated, and subject to the Search API rate limit.
However, should users also be signing into my app to make use of this functionality? In other words, should this feature only be offered to those with a Twitter account, who would need to sign in to my app in order to use the search functionality? Or is this extra layer of interactivity covered by the use of Web Intents?
Any clarification would be most helpful.