Twitter's Shit Sandwich

John Gruber commenting on Twitter’s change to its third-party API:

With OAuth (…), authentication must take place through a web browser and a session on twitter.com. The app forwards you to a web page at Twitter, you sign in to your Twitter account on the twitter.com website, and then you’re prompted, by Twitter on their website, to grant permission to the app in question to access your account. (…)

When you open a native app — Mac, Windows, iOS, Android, WebOS — you don’t expect to be forwarded out of the app and into your web browser. (…)

There’s no security advantage for OAuth in an embedded web view over xAuth — but there’s a huge decrease in usability, simplicity, and clarity to the user.

Usability standpoint aside, what is most shocking is that Twitter for iPhone is de facto spared since it’s part of the service, and not a third-party app.

More and more, Twitter is starting to put all its third-party developers in a situation it is not comfortable to be in: walking the plank, on the edge of falling and dying of a painful death.

Addendum: Daniel Jalkut, Marco Arment and Craig Grannell posted their thoughts about the change and their pieces are well worth the read, especially Marco’s.

Also, Justin Williams had an interesting say:

I’d actually respect Twitter slightly more if they just came out and shut off API access rather than inconveniencing devs to force them out.

★ Thursday, 19 May 2011