i am unable to get email id on callback page using twitter api. please in help me it is urgent.
Email addresses are not available through the Twitter API. If you need a user's email address, just ask for it.
The whole point of OAuth based sign-in is that you don't have to ask for user details. Why would I not just ask for a password while I'm at it? What's the point of Sign In with Twitter if you have to ask for user details?
can u plz provide a link for creating a login API in your website & twitter redirects the user to its page or it simply creates a pop-up for login oauth like Facebook.
Totally agree. With Twitter being the extreme minority in regards to how they handle OAuth, why aren't they reconsidering?
Of course I'm not going to ask for a user's email on top of getting permission via Twitter, that defeats the whole purpose! This is supposed to save time. If I have to ask for a user's email seperately, then I might as well follow my own signing-up process sans Twitter altogether.
No, that's not "the whole point" of OAuth at all. The whole point of OAuth is to let a 3rd-party system manage authentication/authorization for you. Forcing the user to share personal/private information is not part of the OAuth spec: http://tools.ietf.org/html/rfc6749
still retarded that they don't provide the email.. common sense is more valuable than specs for the real world
Hey buddy. Quick question...
It has been nearly a year since this question has been asked, and I don't see any recent updates. Surely by now you (Twitter API team) realize the short-sided thinking on this topic. Twitter login will simply not be taken seriously until this issue is resolved. Can you please provide an update for if/when this issue will be resolved?
If the answer is "never", a quick explanation for your reasoning would go a long way. "Just ask for it" is obviously not the answer everyone is asking for as this defeats the purpose of using Twitter login in the first place. As someone pointed out below: It's like getting an axe to break into the toolshed, so you can get an axe from the toolshed.
yea totaly agree with you.
................. Twitter Devs ..................
So..... ya. Looks like you guys are still sitting around with your fingers in your ears and making noise instead of fixing this problem. It is a problem, just to be clear.
................. Sensible Devs ..................
Here is how I am working around the problem. I am using Facebook, Google and Windows Live and my own custom form, for registration. Then I am offering an opportunity for my users to connect their twitter account, which they may or may not do.
I am leaving the twitter authentication button in place, but with a disclaimer that their twitter account must be already connected to use it. It's incredibly stupid that I have to do this, this way but until Twitter figures out how stupid this is you gotta do what you gotta do.
Yes, "just ask for it" is the right answer. But the right place to ask it, in this scenario, would be the Twitter page asking the user to grant access. Just recognize it and fix it please.
@kurrik : any Way to get email of the user?
Hi Arne, is there some sort of security reason? It makes API way less usable for login purposes that way.
There are a variety of reasons. The API itself is perfectly serviceable for sign in (see https://dev.twitter.com/docs/auth/sign-twitter for a complete description) without needing to resort to an email address - why do you claim it is less usable?
It's less usable because, let's assume this scenario. I want to authenticate my app with Twitter. However I want to detect if the user signing in with twitter is already a user in my system (cause otherwise I would redirect him to the registration process which would be wrong, cause he just wants to connect his account with Twitter). Right now I can't do all of this, because Twitter doesn't give me access to the user's email, and there is no other way to link these two accounts.
I know it's not a fair comparison, but facebook does give you this information if you ask the user for a special permission, so why not do the same here? If the user doesn't want to allow the app to see the email, well that's another problem, but the ability should exist. That's my take on this :)
Yea, I totally agree with you.
This is one of my case too, I want to check whether the new user from Twitter is already registered on my app or not.
Please consider this, Twitter API team :)
same case with me .. UP ..
UP Same here
I have the same problem too
Same for me, I can link Google and Facebook accounts using e-mail address, so user can sign into my app with google or facebook, and it's still the same user (if it has email same for both accounts). But twitter stands out of this and I can't come out with easy solution. So vote up.
Same for me
totally agree! i remove twitter-authentication
Still no solution for getting Email Id to Authenticate user for my system via Twitter??
In most systems the users are identified by their email address, and most systems also need to send emails to the customers.
If after the authentication we need to ask the user for additional data, the whole one(or two)-click login feeling disappears which might as well lead to simply not using twitter login.
exactly my thoughts as well. im just looking into this now, wondering if things are different? but seems like not. le sigh.
Great answer @Grimor ! Sure it's less usable since we don't have access to the user's e-mail address!
The email address is a great way to uniquely identify users. Also storing the email allows a website's authentication system not care about what API the user is using to login into their site, wheather it be twitter,facebook, or OpenID. Also, having the email would keep you from incorrectly creating a new account for a user for your site if they happen to use another method of logging in beside twitter. An example of a site that does this is Stack Overflow. It doesn't care how you login, it still recognizes you as being you.
if we dont have Email address of the users , then how to we send emails to them, many applications requires email address for this purpose.
That's why you need to simply ask users for the email address if it's something you'd like to have. Yu won't get it from us, it's not part of the data we'll return to you, and so if it's important to you, then you need to collect it on your own terms.
You can use scopes to specify if you need access to the email address or not. It is responsibility of the developer to require as few scopes as possible, and it's responsibility of the end user to decide if (s)he wants to allow the application to proceed with the required scope. Twitter is dropping this altogether by not allowing the feature in any case.
If you need a concrete use case, we are providing 6 different OAuth providers (1 and 2) and are implementing email confirmation just for Twitter.
Guys, I understand that users are a pest, but look at the size of this thread. Please reconsider.
i Want to get the email id from twitter using twitter api.plz help me
due to user identification through email, twitter api gets useless if i cant get the email address through it :(
This kind of invalidates any reason to use twitter as sign-up/sign-in method both on the user's end as well as on the application developer's end. Its not as though the user wouldn't be giving permission for this.
Users choose these types of sign-ins to avoid having to fill in long forms with their details. If the details are not available and the user must still supply them, it invalidates the usefulness in terms of a shortcut sign-up/sign-in option.
This is incredibly short sighted, if I have to "ask" for a users email address after they authorize with twitter, why even bother with a pointless process of authorizing with twitter. Its like getting an axe to break into the woodshed so you can get an axe from the toolshed.
this is confusing because a lot of developers see third party oauth techniques as a way to conveniently enable users to skip having to manually provide details such as email addresses, which is why most other third-party oauth providers (e.g. facebook, google) add an extra step where the user can grant permission for the application to access basic account information.
Agreed... a prompt like, do you want to allow this app to access your email address... would be very useful... then, at most, the user has click an ok button... rather than filling out details that could be retrieved from twitter account settings.
In our application, it's important to match users together based on email address to avoid duplication of accounts between standard login, FB, Google and Twitter. Not having access to the email address when someone is signing in with Twitter makes linking their account much less reliable. This is a clear limitation, and users signing on with Twitter should have the option to share their email address as they do when authorizing in FB and Google.
Twitter signup is useless when we can't get user email... Hopefully twitter is listening... booooo
Totally agree. This is a useless sign-in method without providing an email address. No wonder it is rarely provided as an option. Until this is provided, Twitter will never be a serious option.
I can't believe what I am reading here! I just assumed you could get the users' email like with Facebook sign-in and others. I can remove Twitter as a social sign-in option from my app now again. What a time waster!!
This is completely useless for sign-up/sign-in! Why would I ask the users for their email after they just signed up in my application?? Do as Facebook let the user know during the auth flow, then the user can either take it or leave it.
No way to uniquely identify users across services, without an email address.
I totally agree. Having access to the user's email is important for a number of the reasons mentioned.
consistency - why should a user be able to sign up with 2 clicks through facebook but have to enter an email to enter through twitter?
difficulty - the extra step could mean the difference between getting a member and having them bounce
unification - people may want to sign in through facebook one day and twitter the next - if every other auth system uses email and our database is based on email, then we would wind up creating a duplicate account for the user and that's no good
One other word @kurrik. As for your response to just "ask them". We are asking them by requesting that they sign in through twitter. Why should we ask them twice?
How to get email id.. Please help me anyone.
the twitter api doesn't provide the email
I'm in the midst of designing a new mobile application.
Because I can't get the email out of twitter, unlike Facebook, I will dump Twitter as a signup option. Having the user type his/her email is not an option.
It's a sorry state of affairs. I hope someone is listening.
We use external api for login/register users for save time to validate their email. Create form to insert email, create a thank you page, send a confirm email, create an url engine to activate this email, routine for change it... all that only for the simple "just ask for it". No. Simply, just don't use twitter
I'm currently designing a web app. I told the customers I'd set up Sign in with Facebook and Sign in with Twitter.
Took about 30 mins to to the Facebook sign in. Spent a day figuring out the Twitter sign in, and now I've discovered that I can't get the the user's email address. Have told the customer that Sign In with Twitter won't be an option on the web app because without the email address is completely pointless.