[twitter-dev] Working with OAuth and Wordpress
0 views
Skip to first unread message
Andrew
Apr 28, 2010, 1:54:01 PM4/28/10
to Twitter Development Talk
I am in the process of creating a plugin for wordpress. I was told
that when using oauth with a plugin I can't actually make the plugin
act natively because each time that the plugin is installed each user
has to have their own api credentials is this correct?
Thanks in advance!
that when using oauth with a plugin I can't actually make the plugin
act natively because each time that the plugin is installed each user
has to have their own api credentials is this correct?
Thanks in advance!
Taylor Singletary
Apr 28, 2010, 1:59:30 PM4/28/10
to twitter-deve...@googlegroups.com
Hi Andrew,
If you're distributing your plugin for WordPress, you would want to ensure that it doesn't contain any OAuth consumer keys (API keys) or secrets within the source code. You'd instruct implementors to come to http://dev.twitter.com/apps to create an application and give them a UI or configuration file to enter their consumer key and consumer secret in a safe place resistant to tampering.
In short, your analysis is correct. There are cases where you might more tightly control the distribution of your plugin and the hosts that utilize it where these best practices might be a bit more flexible.
Reply all
Reply to author
Forward
0 new messages