Twitter API Version 1.1 Brings More Regulation To Apps


Share this Post

The Twitter API is everywhere these days. People are Tweeting from all corners of the Web from just about every app. It's so popular due to its relative openness where people can use the Twitter API in different and interesting ways. Unfortunately, Twitter is putting a stop to that next year.

Twitter announced that they are moving to version 1.1 of their API. It will be out within the next few weeks, but they want everybody to get ready for the changes now. Those changes include requiring authentication on every API endpoint, a new per-endpoint rate-limiting methodology, and most importantly, changes to the developer guidelines.

First up is the new requirement for authentication. In the previous version of the API, applications could access information from Twitter without having to use OAuth. It presented a security risk as malicious applications could grab information from Twitter with them being none the wiser. That's why version 1.1 of the API will require all applications to authenticate every request. For applications that already use OAuth, those tokens will transition over to the new version.

Next up is rate limiting and it's once again being implemented to protect the guys at Twitter. Currently, their rate limit is at 350 API calls per hour. They found that this only abused their resources while limiting access to the more popular endpoints. In API 1.1, they will be changing the limit to 60 API calls per hour per endpoint. They're quick to point out that applications using only one endpoint may be negatively affected, but most applications using multiple endpoints will benefit from the change.

The biggest change to version 1.1 are the new responsibilities that Twitter puts on developers. Application developers are most angry about a change that makes design recommendations a requirement. Here's what every developer must now include in their Twitter app:

We will require all applications that display Tweets to adhere to these. Among them: linking @usernames to the appropriate Twitter profile, displaying appropriate Tweet actions (e.g. Retweet, reply and favorite) and scaling display of Tweets appropriately based on the device. If your application displays Tweets to users, and it doesn't adhere to our Display Requirements, we reserve the right to revoke your application key.

The rule is obviously meant to make Twitter look consistent across all platforms and devices. It's an admirable goal, but it does nothing to help developers. It puts undue stress on them to change their app to something that appeases only Twitter. There are multiple Twitter apps that display Tweets in ways that go against the recommended guidelines, but they're also more unique for it. Twitter's new requirement would punish those apps.

The other two changes are a requirement that pre-installed Twitter applications be certified by Twitter and that developers must work with Twitter directly for large amount of user tokens. Both are meant to protect Twitter's resources or brand in some way. In a way, it's a good idea. It helps Twitter consolidate its brand. They just shouldn't have to step all over developers to get there.

For now, developers can still keep using version 1.0 of the API. Version 1.1 will be released at some point in the near future. At that time, Twitter will announce the deprecation of version 1.0. Developers will have six months to migrate to version 1.1. People might be able to convince Twitter to stop being such spoil sports during that time.