Sorry if my question to too naive. But i wish to find audience level information for a particular twitter handle. Lets consider #BarackObama, i wish to find his followers by gender, age, language, location etc. I used python scripts in this link https://github.com/GnipDz/Python-Insights to achieve it.
I do have access to twitter ADS API but it still shows your application ID is not authorized when i try to run the scripts. Is there a special API or addition over Ads API to achieve this? can someone guide me as to how i can do this?
Those scripts use Twitter's enterprise (commercial) Audience API. This API does not enable you to access audiences for individual users, only aggregated data for large numbers of Twitter handles. Additionally, this is not a free-to-access API so you need to have an active enterprise subscription for this to work.
I'm not aware of any programmatic way to access this data, and particularly not for any organic account - the Engagement API enables access to Tweet engagements for the authenticated account, but you're not able to access that data for other users.
Related
I am making a web application that will automate some actions on Google AdWords. The web application can be used by anyone that has an AdWords account.
I am a bit puzzled by the AdWords API, as it is a different from other Google APIs, in terms that it needs two additional config parameters: developerToken and clientCustomerId, a per their documentation:
https://developers.google.com/adwords/api/docs/guides/first-api-call
When constructing the AdWordsClient object, I need to provide the developerToken and clientCustomerId, in order to push data to AdWords.
My question is whether these two parameters (developerToken, clientCustomerId) need to be different for each user that will use my web application?
It seems that I am able to post data to different accounts with an unrelated developerToken, which does not make sense.
Can I get the clientCustomerId from an API endpoint, so I don't require my users to manually input tokens and ids to the web app, and do the complete authentication with oAuth?
My code is working, I am asking more of the philosophy why I need these two parameters, and if I can avoid asking the user to manually copy them from the AdWords dashboard into my application?
The developer token identifies a given Adwords API developer and is used for RMF enforcement, rate limiting and the like. As you mentioned, this is different from other Google APIs, which I think has to do with the fact that it's not a publicly available API. You always have to use the developer token that was given to you as part of your API sign-up process and are not allowed to use another developer's one (thus there's no possibility to have a user of your application enter it on their own).
The clientCustomerId parameter refers to the specific Google Ads account that you want to interact with. As a given user (identified by the OAuth2 access token that you include in your request) might have access to a whole lot of different accounts, this always needs to be included.
As for how to obtain a list of accessible account given a user's credentials, you can use the CustomerService.getCustomers endpoint for that purpose. Quoting the docs, it will "return details of all the customers directly accessible by the user authenticating the call."
I am using Twitter as an OAuth provider for ASP.NET MVC 4 web site. I would like to be able to follow up with a registered user at a later date, either by email or via a tweet. Outside of having the user follow me on Twitter, do I have any other options to communicate with the user?
Here is what I unsuccessfully considered:
It appears that there is no way to get access to the email address since Twitter OAuth API does not return it.
It appears I cannot send a direct message unless a user
follows me on Twitter.
"Read/Write/DirectMessage" permissions seem
too intrusive -- all I want to do is send a user a message that a
new product is released -- I don't need any of the write
capabilities that this level of permissions provides.
To recap, if a user used Twitter to sign in to my website, what are my options to contact that user at a later date?
Thanks.
Twitter's solution for this sort of person-to-person communication is the Direct Message, however, Twitter has (rightfully) decided that both parties need to consent to this channel being available. This decision is intended to reduce the amount of spam in the Twitter ecosystem.
Posting public tweets that mention the username will get your users' attention, but it is also broadcasting their relationship with your company to the entire Twitter ecosystem. You will, essentially, be advertising their relationship with your company without their permission. This approach will bring you headaches sooner or later.
Email is probably a better choice for the sort of announcement to existing customers.
Is there a way to pull user usage data from the Valence API?
In particular I want to know if a user has ever logged in or accessed a certain course.
No, sorry, currently that information is not available through the Valence APIs. If you'd like the Valence APIs to provide that information, and you're affiliated with a D2L customer, please use their account management chain to report your request. If you're not directly affiliated with a D2L account manager, then you can report your request through the Valence support chain.
This particular request is something that other partners and customers have indicated an interest for.
This is a very high level question, to a high level answer too, so I'm just looking for some pointers on the right direction.
Let's say I want to build a web application to manage a user's Google Contacts. I understand this is done by allowing the user to log in with his Google Account while asking for permissions to manage his Google Contacts. So far so good.
Now I want to expose my own API layer for external browser extensions, Android clients, etc. But while I want the API clients to authenticate against Google, I don't want the applications to have full access to the user's Calendar, as the Secret Token is stored on the server.
So, how is this typically handled? I would like to do it by the book as much as possible, without having to implement a lot of security code.
Btw, while the question is too high level, feel free to point me to technical docs.
Thanks
Limited access to the user's resources can only be guaranteed by limited OAuth scopes:
https://developers.google.com/gdata/docs/auth/oauth#Scope
Some APIs, for instance the Contacts API, only provide a single scope which gives you access to all the data. In cases like this, the user can only choose between giving you access to all his contacts or none of them.
Other APIs expose different OAuth scopes, allowing the developers to only request access to a subset of the user's data. A good example of this is the Google Drive API, which has 5 different scopes for the developer to choose from:
https://developers.google.com/drive/scopes
Let's say I am making a sign up form in which I asked user's twitter ID. How do I verify if the ID entered by user belongs to him/her? In case of verifying email we simply send a verification link which user has to click so how do I verify twitter ID? I have never used twitter before.
The only reliable and practical way to verify that twitter account X belongs to user Y this to do full on “3 legged” OAuth authentication. That being said, you may want to consider if you might be OK with just taking the user at their word on it.
Getting OAuth to work and securely storing the resulting tokens is much easier nowadays than it once was, but is still non-trivial.
Reasons to verify the twitter account, in increasing reasonableness:
You will be making enough server side requests, on behalf of multiple users, that you run up against Twitter’s API Rate Limiting. (Having multiple auth-tokens will allow for a higher API rate)
You need to automagically send tweets and/or follow accounts on the user’s behalf
N.B. do this as opt-in and be ultra clear about when/why you will be doing this, or you will face the justified fury of scorned users
Don’t verify the account if you’re looking to do these things:
You need to send tweets and/or follow accounts on the user’s behalf, and the user will be able to perform a browser based confirmation workflow for each of those actions; use Twitter’s Web Intents for this.
If you just want to pull in real time data for user’s avatar, bio, or recent Tweets Twitter supplies some prefab widgets for you.
All of the authenticated Twitter API Calls can be done client side with JavaScript. Twitter has a js framework, which does not require you to handle and store tokens on your server, to help you with that.
An alternate contact method for password resets, notifications, etc.
Private communication between users on twitter requires mutual following, many users probably never check their Direct Messages (or even know what a DM is), and any messages would be limited to 140 characters. Just use email for all that kind of nonsense.
If you’re just gathering this info to display it on a user’s profile page, in an “other places on the web” kind of way, integrating and maintaining all the server side OAuth pieces is likely too much bother. Just make sure you have a reasonable and clear TOS and an obvious way for 3rd parties to report any of your users who may be claiming a twitter account that is not their own.
If you’re still interested in OAuth, Twitter's Dev page has plenty of resources, including a nice overview of a generic “Sign In with Twitter” “3 legged” OAuth work flow.