Twitter tightens stranglehold on third-party apps, developers revolt


Twitter unveiled a new version of its API that introduces strict new guidelines limiting how third-party clients leverage its platform, fueling outrage within the developer community.

The new Twitter API version 1.1 will require authentication on every API endpoint, a new per-endpoint rate-limiting methodology and corresponding changes to its Developer Rules of the Road. Twitter said the changes further its ongoing efforts to shift its third-party app ecosystem away from traditional microblogging clients and syndication services to enterprise clients, social-enabled customer relations management tools, social influence ranking solutions and other apps targeting the business, engagement and analytics segments.

Twitter's new API guideline encourage activity in the upper-left, lower-left and lower right quadrants, and limit certain use cases in the upper-right quadrant.

"Nearly eighteen months ago, we gave developers guidance that they should not build client apps that mimic or reproduce the mainstream Twitter consumer client experience," explains Twitter Director of Consumer Product Michael Sippey. "That guidance continues to apply today." 

Among the biggest changes facing developers, Twitter is shifting its Display Guidelines to Display Requirements. "We will require all applications that display Tweets to adhere to these," Sippey states. "Among them: linking @usernames to the appropriate Twitter profile, displaying appropriate Tweet actions (e.g. Retweet, reply and favorite) and scaling display of Tweets appropriately based on the device. If your application displays Tweets to users, and it doesn't adhere to our Display Requirements, we reserve the right to revoke your application key."

Twitter also will require certification for developers building client applications that are pre-installed on mobile handsets, SIM cards, chipsets and other consumer electronics devices. "Due to the long lead time required to update pre-installed client applications once they're 'in the wild,' we want to make sure that the developer is providing the best Twitter experience possible--before the application ships," Sippey says. "If you ship an application pre-installed without it being certified by Twitter, we reserve the right to revoke your application key."

Twitter additionally will place new restrictions on developers requiring large numbers of user tokens, which allow their apps to pull in data. "We will require you to work with us directly if you believe your application will need more than one million individual user tokens," Sippey notes. "Additionally, if you are building a Twitter client application that is accessing the home timeline, account settings or direct messages API endpoints (typically used by traditional client applications) or are using our User Streams product, you will need our permission if your application will require more than 100,000 individual user tokens."

Twitter adds it will not shut down client applications that are currently over the new token limits. "If your application already has more than 100,000 individual user tokens, you'll be able to maintain and add new users to your application until you reach 200% of your current user token count (as of today)--as long as you comply with our Rules of the Road," Sippey says. "Once you reach 200 percent of your current user token count, you'll be able to maintain your application to serve your users, but you will not be able to add additional users without our permission."

Twitter plans to issue API v1.1 in the coming weeks. Developers will be given six months from the day of release to migrate their apps from the current v1.0.

Many developers expressed anger and dismay over the new API rules. "Twitter's API has more rules than North Korea," tweeted Box CEO Aaron Levie, while Instapaper creator Marco Arment blogged "Twitter has left themselves a lot of wiggle-room with the rules. Effectively, Twitter can decide your app is breaking a (potentially vague) rule at any time, or they can add a new rule that your app inadvertently breaks, and revoke your API access at any time. Of course, they've always had this power. But now we know that they'll use it in ways that we really don't agree with." Polar Bear Farm co-founder Layton Duncan was more succinct, tweeting "I think I want to vomit."

For more:
- read this Twitter Developers Blog entry
- read this CNet article

Related articles:
Twitter revokes Instagram's access to Find Your Friends API
Twitter update brings push notifications to iOS, Android apps
Twitter mobile ads now outpace desktop revenues
Twitter expands content interactions inside tweets
Twitter expands mobile ad targeting to BlackBerry devices
Twitter expands mobile ad services with targeted tweets