Can users whom I’ve blocked still access my tweets through the Twitter API or will that be unauthorized?
Yes and no. Mostly yes, they can still retrieve them.
Someone trying to access your tweets via the API, using the access token of a user who you’ve blocked, will not be able to retrieve them. If they are retrieving tweets via bearer token, i.e. app auth, they can still retrieve them.
True for v2 endpoints. For v1.1, OAuth1 and 2/Bearer both work.
Are you sure about that?
User context is definitely taken into account when using OAuth 1 access tokens, and you can’t use OAuth 1 for bearer tokens.
Absolutely sure using my OAuth1 credentials and the 1.1/search/tweets.json endpoint for a friend who blocked me to test. Perhaps it works because I own the developer account; however, the OP wasn’t clear about that. I didn’t try someone else’s OAuth1 tokens and that use case could actually be 401/3.
2 Likes
Hmm, interesting. I tested it here, and it seems the search endpoint specifically has different behaviour to other endpoints. I don’t make use of the search endpoint myself, so I assumed it didn’t have different behaviour, but it evidently does.
1.1/search/tweets.json returns results from a user that has blocked me, but other endpoints do not. Statuses/show returns 403 error, statuses/lookup omits results from blocked users, etc. Rather odd that search has special behaviour for this (as it doesn’t in the web client).
2 Likes
Thanks for keeping me honest. Cheers
2 Likes
system
Closed
#8
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
