Important: Twitter Updating Authentication Methods

Twitter fail whaleI honestly have no idea when this was announced, but Twitter will start disabling its “Basic Auth” on Aug. 16, 2010 (the system will be completely unavailable by Aug. 31). For Twitter users, this doesn’t really mean anything. However, for Web developers that use various interfaces and plug-ins to share information on Twitter, this is big.

The majority of API libraries and classes that were (and, as of this writing, still are) listed in the official Twitter API documentation will stop working. This change, as far as I can tell, will effect the way tweets are sent and the way tweets are received. Therefore, whether you’re trying to post tweets from an external source, or you’re simply trying to list your latest tweets, if the interface uses the old system of Basic Auth, it’s going to stop working on Aug. 31.

For instance, in the content management system I developed for my place of employment, I use the Twitter PHP class from Felix Oginha. This class, though, uses Twitter’s old system of Basic Auth (the username and password are provided when the tweet is sent) rather than using oAuth or xAuth. Because the Basic Auth system will be disabled by the end of this month, I now have to scramble to rewrite all of the code I was using that allowed our content managers to easily tweet from within the CMS administration area.

While many of you may not be developing your own Twitter interfaces, I’d be willing to bet that quite a few of you have some sort of Twitter plug-in installed on your blog. How many of those plug-ins will stop working (assuming they aren’t updated) once the Basic Auth is disabled? I have no idea, but it’s a question that needs to be posed to the developers of those plug-ins.

What Should You Do?

If you’re a Twitter user without a blog (or, at least without a Twitter plug-in on your blog) and you don’t interact with Twitter through anything but the Twitter website and/or the bigger-name Twitter clients (Tweetdeck, Seesmic, HootSuite, Brizzly, etc.) then you don’t have to do anything.

If you’re a developer that has built your own Twitter interface for whatever reason, you need to reexamine your methods to make sure they’re using the oAuth protocol. I’ve been told by @twitterapi that many of the libraries currently listed in the API documentation do not. They recommended using the TwitterOAuth library created by Abraham Williams for PHP applications.

If you’re a blog/website owner that uses a plug-in to interact with Twitter (for instance, to automatically tweet when a new post or page is published or to display recent tweets on your website or blog), you need to investigate the plug-in. Check the plug-in’s website and documentation to see if it supports/uses Twitter’s oAuth protocol. If you can’t find the information you need, contact the plug-in’s developers.

For WordPress users, I have done a little research. The following Twitter plug-ins do claim to support oAuth already. Are you aware of any others that use oAuth instead of Basic Auth?