Twitter API updates: more authentication, fewer tweets, more rules, certification, and … talk to the hand

Twitter just announced anticipated changes to its API, intended to “deliver a consistent Twitter experience.” Or to tighten Twitter’s grip even more on how Twitter users’ tweets are used off the social networking site … and prep for the continued growth of Twitter monetization.

One thing is certain: The changes will affect some of your favorite apps, such as InstaPaper:

First, the key changes:

Authentication
To minimize bots and scraping of Twitter content, authentication will be required for each and every API request. In other words, Twitter needs to know about you — and authorize you — before you can get data from the Twitter API.

Fewer retweets and fewer followers, but more datapoints
Currently Twitter limits the number of free accesses to its API to 350 calls per hour, whether the requesting site is looking for a tweet, a profile, a user, or a search. In the future, Twitter will implement per-endpoint rate limiting: 60 calls per hour.

If I’m understanding that right, you can get only 60 calls for certain API functions that take more system resources. Twitter’s post does not specify, but it seems that calls like getting the status of retweets on a post, or getting a list of followers for a particular user, would fall into this category.

For those high volume endpoints, such as tweets, profiles, user lookups, and user searches, Twitter will allow up to a maximum of 720 calls per hour.

Full details on these rate limits will be announced later, but it seems clear that Twitter is giving with one hand and taking back with the other. You can have more simple calls; you will presumably need to pay for complex API calls if you want more than 60 an hour.

Display guidelines: Before it was please, now it’s Thou Shalt
Twitter has had display guidelines in place for some time. Now, they’re not guidelines anymore … they are requirements.

Examples include linking @usernames to Twitter profiles and showing standard Twitter actions such as retweet, reply, and favorite. If you fail to comply, Twitter may just revoke your application key.

It’s the C-word: Certification
No more Wild Wild West with Twitter clients. If you want to build a Twitter client for a mobile platform or any other electronic device (such as a smart TV), you’ll need to have your application certified by Twitter. The goal is quality. “We want to make sure that the developer is providing the best Twitter experience possible.” But the result is lockdown.

If Twitter doesn’t like you, tough nuts. And if you do not certify your embedded software, Twitter “reserves the right” to revoke your application key.

Big boys: Talk to the hand
If you have a big app that wants big data, Twitter wants to talk to you. You’ll need permission to access the streams and messages of more than 100,000 individual Twitter users. If you are already doing so, having jumped the queue and built your application when Twitter was more concerned with growth than with control, you may continue, but the cut-off point is 200 percent more users than you currently have.

It’s the classic “them that has, gets,” but at least it’s similar runway for all third-party developers on a percentage basis.

But if you’re just accessing users for data purposes and not providing an application that enables Twitter-like interactions in a third-party app, you’ll be able to access up to 1,000,000 individual users.

Want more? Talk to Twitter, who will guide you “toward areas of value for users and their businesses.”

You’ve got six months
The API migration period is six months, during which time developers will need to migrate their applications from version 1.0. to the new version, 1.1. If you’re already a good boy and only making authenticated calls, this will be simple, says Twitter.

If not, good luck. You will need to start making authenticated calls, and since you probably have a reason for not doing so in the first place, your content-scraping business may be toast. Or your extremely legit app that Twitter just doesn’t like.

And what’s the goal, you ask?
Twitter wants to encourage innovation in the business and analytics side of the business. That’s one of the reasons for the 1 million user rate limit for apps that are not accessing the actual streams of individual users for content creation as well as consumption purposes.

Here’s how Twitter views the third-party app industry:

Twitter wants innovation from others on the left side of the entire chart: business analytics tools like DataMinr, and business engagement apps like HootSuite. And it wants innovation from others on the bottom right quadrant: consumer analytics like Klout.

But consumer engagement — the quadrant where people interact with their interest graph — that is sacred Twitter territory. That is the public face of Twitter to its hundreds of millions of users, and that is Twitter’s brand. Venture there with caution, because Twitter claims that space:

That upper-right quadrant also includes, of course, “traditional” Twitter clients like Tweetbot and Echofon. Nearly 18 months ago, we gave developers guidance that they should not build client apps that mimic or reproduce the mainstream Twitter consumer client experience.” And to reiterate what I wrote in my last post, that guidance continues to apply today.

Which all gives a pretty big clue to how Twitter is planning to monetize.

Data in the three green-light-go quadrants is metered and controlled and can easily be charged for per 1,000 API calls or whatever. And consumer attention will be monetized with native ads, promoted tweets, and the like.

It’s all in the map.

photo credits: CarbonNYC/Flickr,  ~Ilse via photo pin cc