Since 2006, Twitter’s APIs have given developers the opportunity to tap into what’s happening in the world. We’re continually amazed by the innovative and helpful use cases developers discover for the Twitter platform: from the town of Jun in Spain that runs on Twitter, to sharing critical information during severe weather, to all the companies creating powerful tools to help businesses get the most out of Twitter. And, of course, we’ve seen developers use our platform to learn how to code, build careers in data science, and produce delightful and fun experiences on Twitter — like Pentametron, a bot that finds rhyming pairs of Tweets that would make Shakespeare proud.
As we’ve outlined in our API platform roadmap, we’re committed to providing access to our platform to developers whose products and services make Twitter a better place. However, recognizing the challenges facing Twitter and the public — from spam and malicious automation to surveillance and invasions of privacy — we’re taking additional steps to ensure that our developer platform works in service of the overall health of conversation on Twitter.
We do not tolerate the use of our APIs to produce spam, manipulate conversations, or invade the privacy of people using Twitter. Between April and June 2018, we removed more than 143,000 apps which violated our policies, and we’re continuing to invest in building out improved tools and processes to help us stop malicious apps faster and more efficiently. To this end, in addition to continuing our work to remove problematic apps after they're already active, we are taking steps to limit the access these apps have to our platform in the first place.
Today, we’re introducing a new way for all developers to request access to Twitter’s APIs, along with upcoming changes to increase accountability for apps creating and engaging with content and accounts on Twitter at high volumes. These changes enable us to have more visibility and control over how developers use our platform and public data from the people using our service, and are intended to help address spam and platform abuse and keep the Twitter service safe and secure for everyone.
A new app registration process
Our new developer account application process – which we initially launched in November – includes use case reviews and policy compliance checks, as well as new protections to prevent the registration of spammy and low-quality apps. Starting today, all new requests for access to Twitter’s standard and premium APIs are required to go through this process. While this change adds a few steps and some additional time to the process of getting started with access to our APIs, we’re committed to supporting all developers who want to build high-quality, policy-compliant experiences using our developer platform and APIs, while reducing the impact of bad actors on our service.
Here’s what these changes mean for developers:
We know this new process adds extra steps and time to get started with development. Our aim is to continue to build a platform where Twitter developers who comply with our policies can get started quickly and scale up, with little to no friction. We are taking these steps to protect accounts while we work toward that goal and determine how best to balance holding developers accountable to our policies with helping developers get started easily.
New rate limits for POST endpoints
Alongside changes to the developer account application process, we’re introducing new default app-level rate limits for common POST endpoints, as well as a new process for developers to obtain high volume posting privileges. These changes will help cut down on the ability of bad actors to create spam on Twitter via our APIs, while continuing to provide the opportunity to build and grow an app or business to meaningful scale. These changes only impact a small percentage of apps active in our ecosystem today, but will apply to all apps that create Tweets, Retweets, likes, follows, or Direct Messages.
Here’s what’s changing:
- Tweets & Retweets (combined): 300 per 3 hours
- Likes: 1000 per 24 hours
- Follows: 1000 per 24 hours
- Direct Messages: 15,000 per 24 hours
While we generally like to provide a longer timeline for developers to prepare for changes like these, we are accelerating this change because protecting our platform and people using Twitter from abuse and manipulation is our highest priority. Despite the accelerated timeline, we want to ensure developers have time to submit the necessary information, and that we can complete all reviews with minimal disruption to policy-compliant apps.
Reporting bad apps
Finally, we’re also introducing a new option for people to report suspected violations of our platform policies to us for review. You can use the “Report a bad app” option in our Help Center to report uses of our APIs which produce spam, invade user privacy, or otherwise violate our rules.
To learn more about our policies and how we’ll be evaluating applications, please review the Twitter Developer Agreement, Developer Policy, Automation Rules, and Restricted Uses documentation. You can also ask questions about these policies using the Rules and Policies category in the Developer Forums.
To stay up-to-date with developer platform updates, please follow Tweets from @TwitterDev and subscribe to developer news from our other channels. To see what’s coming, follow our developer platform roadmap.
Did someone say … cookies?