More granular permission model

@everdune Everdune Mobile

Today I got feedback from a user that she was not happy to authorize the app for:

1) Read Tweets from your timeline.
2) See who you follow, and follow new people.
3) Update your profile.
4) Post Tweets for you.

She was mainly concerned with 2) and 3), which I perfectly understand from the user's point of view: why do I need to give those permissions for just posting a Tweet?

Our app is configured with Read/Write permission and actually only needs permission to post a tweet on behalf of the user. Maybe a separate "Share" permission level that only allows an app to post a Tweet on behalf of the user solves this problem.

2 years 21 weeks ago


@kurrik Arne Roomann-Kurrik

The permissions system was intended to be very straightforward and easy to understand. The share suggestion isn't a bad idea, but adds more complexity to the system for developers and users and wouldn't be a trivial change to implement.

While not suitable for all apps, web intents were created to allow applications to suggest Tweets without requiring all the permissions you listed above, so you may want to consider those for users of your app who don't want to grant permission.

Finally, this is completely my personal opinion, but I don't know of many apps which I wouldn't trust to follow or unfollow, but would trust to issue a Tweet on my behalf. Enough damage could be done with either permission set.

2 years 20 weeks ago

I have greater concern regarding #3 and #4. I am not sure what "Post Tweets For You" actually permits. Will this give permission for the application to post without my permission? This sounds like loss of control, which is not what I want. I would not want my profile to be updated without doing it myself. Do these remove my control, or permit me to process updates and posts through the application? If these were clarified I would have less mistrust of application permissions.

2 years 6 weeks ago

@kurrik Arne Roomann-Kurrik

"Post Tweets for You" allows the application to post on your behalf without your intervention.

I should say that revoking such access, if abused, is fairly easy to do in Twitter's settings panel. We also react to complaints about apps which "surprise the user" so to speak.

2 years 6 weeks ago

@NonZeroSumWare Evan Thompson

What could be more straightforward and easy to understand than an a-la-carte permissions model?

Everybody wants this. Every Twitter-enabled app developer and every user has wanted this for a long time now. Twitter has a dream team of hotshot software engineers and all they've come up with on this issue is excuses that it just doesn't work that way.

Make every bullet point on the user's auth screen correspond to a checkbox on the developer's control panel. I need this, this, and this, not that, not that, this, this, but not that.

The auth level is then a byte: 11100110

The existing permission sets can be put into the new system (for example):
11100000
11111100
11111111
If it's possible to check which of the 3 permission levels the app has and whether they allow the action requested, you can just as well do a bitwise comparison between the permission:
11100110
and the unique code for the action:
00000100 (= true, you can do that)
00010000 (= false, you can't do that)

How is that a difficult thing to program?

1 year 32 weeks ago

@kurrik Arne Roomann-Kurrik
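As an added example (not code from this thread or from Twitter), here is the bit-per-checkbox model described in the post above, in Python, with the three existing levels and the post-only "Share" level suggested in the opening post expressed as presets. The scope names and the bit layout are constructed for illustration; the check also covers actions that need more than one bit, which a plain non-zero AND test would get wrong.

```python
from enum import IntFlag


class Scope(IntFlag):
    """One bit per line of the authorization screen (names are constructed)."""
    READ_TIMELINE  = 1 << 0   # "Read Tweets from your timeline"
    SEE_FOLLOWS    = 1 << 1   # "See who you follow"
    FOLLOW         = 1 << 2   # "... and follow new people"
    UPDATE_PROFILE = 1 << 3   # "Update your profile"
    POST_TWEET     = 1 << 4   # "Post Tweets for you"
    READ_DMS       = 1 << 5   # "Access your direct messages"


# The three existing levels as presets in the bit model, plus the post-only
# "Share" level proposed at the top of the thread (assumed mapping).
PRESETS = {
    "read": Scope.READ_TIMELINE | Scope.SEE_FOLLOWS,
    "read_write": (Scope.READ_TIMELINE | Scope.SEE_FOLLOWS | Scope.FOLLOW
                   | Scope.UPDATE_PROFILE | Scope.POST_TWEET),
    "read_write_dm": (Scope.READ_TIMELINE | Scope.SEE_FOLLOWS | Scope.FOLLOW
                      | Scope.UPDATE_PROFILE | Scope.POST_TWEET | Scope.READ_DMS),
    "share": Scope.POST_TWEET,
}


def is_allowed(granted: int, required: int) -> bool:
    """Subset check: every bit the action needs must be present in the grant.

    The post's `granted & action != 0` test is only correct when an action maps
    to a single bit; this form also handles compound actions.
    """
    return (granted & required) == required


def narrowest_preset(required: Scope) -> str:
    """Least privilege: the preset with the fewest bits that still covers `required`."""
    candidates = [(bin(p).count("1"), name)
                  for name, p in PRESETS.items() if is_allowed(p, required)]
    if not candidates:
        raise ValueError(f"no preset covers {required!r}")
    return min(candidates)[1]


def excess_scopes(granted: Scope, required: Scope) -> list:
    """Bits the user is asked to grant that the app never uses (the thread's complaint)."""
    return [s.name for s in Scope if s in granted and s not in required]
```

For an app that only posts Tweets, `narrowest_preset(Scope.POST_TWEET)` picks "share" once that preset exists, while `excess_scopes(PRESETS["read_write"], Scope.POST_TWEET)` lists the four unused grants the opening post's user objected to.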

While I appreciate the introduction to bitwise operators, your eight bit system contains 256 states, representing a significant increase in cognitive, testing and support overhead from our current 3 state model. It's more difficult for the user to understand and configure, and more difficult for app and Twitter developers to get correct.

Note that I'm not saying impossible, just that there are better things for us to tackle right now without introducing this complexity into the system.

1 year 31 weeks ago

@hieuvpm Hieu Vo

After the matter of the app not being able to get the user's email, and now no granular permissions, I have decided to take Twitter out of my app's login system.

1 year 31 weeks ago

@harvardjames James Harvard

It goes without saying that 99% of users are not going to bother contacting a site to say "I didn't authorise your Twitter app because I didn't feel comfortable empowering you not only to Tweet on my behalf, but also follow people, read my old tweets, update my profile and see who I currently follow". They'll just get spooked by the omnipotence they're being asked to grant the app, and move silently on.

I'm sure it does indeed make life much simpler for Twitter, but I don't feel comfortable with such all-or-nothing permissions and I'm sure the same is true for many others.

1 year 23 weeks ago

@InspirRating Anne Moroney IRI

I am definitely not just spooked, I refuse to authorize any app to "Update your profile", not even this very kind-sounding gift-giving app, "24 Pull Requests" ("Giving back little gifts of code for Christmas").

Mr. Twitter, I hope you will reconsider grinch-like greedy permissions.

18 weeks 5 days ago