Twitter is a service for friends, family, and coworkers to communicate and stay connected through the exchange of quick, frequent messages. People post Tweets, which may contain photos, videos, links and up to 140 characters of text. Twitter supports OAuth2 authentication which allows glFusion to request Twitter to authenticate a user without exposing the user's password to glFusion.
In order to make authorized calls to Twitter's APIs, your website must first obtain an OAuth access token on behalf of a Twitter user.
The apps.twitter.com application control panel offers the ability to generate an OAuth access token for your website..
Generating a token
Start by visiting the apps.twitter.com “My applications” page, either by navigating to apps.twitter.com, or hovering over your profile image in the top right hand corner of the site and selecting “My applications”:
This page contains a list of the applications you have created, along with a button to create a new application. To create a new application, select the Create Application button.
This screen has the Consumer Key and Consumer Secret you will need to enter into the glFusion configuration page.
You will need to input the following fields:
Your application name. This is used to attribute the source of a tweet and in user-facing authorization screens. 32 characters maximum.
Your application description, which will be shown in user-facing authorization screens. Between 10 and 200 characters max.
Your application's publicly accessible home page, where users can go to download, make use of, or find out more information about your application. This fully-qualified URL is used in the source attribution for tweets created by your application and will be shown in user-facing authorization screens. (If you don't have a URL yet, just put a placeholder here but remember to change it later.)
- Callback URL
Where should we return after successfully authenticating?
You should enter http://www.yoursitehere.com/users.php?oauth_login=twitter
- Developer Agreement
Check the box next to “Yes, I have read and agree to the Twitter Development Agreement”. It is recommended that you read the Twitter Developer Agreement to fully understand Twitters terms and conditions.
Once you enter the information - select the Create Application Button. You will then be shown the OAuth detail screen:
There are some additional settings that you need to configure to ensure the Twitter Authentication works properly.
- Terms of Service URL
- Allow this application to be used to Sign in with Twitter
You should check this box so this feature is enabled.
- Application Icon
You can upload a logo to be used on the Twitter Authorization Page. The logo cannot be larger than 700 kb in size and must be a JPG, GIF, or PNG format.
- Organization Name
You can specify your organization name that will be displayed on the Twitter Authorization page when the user first logs in with Twitter authentication.
- Organization Website
Generally this is the same URL as your glFusion site.
Generally Read Only access is sufficient for logging in via Twitter.
- Request email address from users
Once you have created the Twitter Oauth keys and access tokens, you will need to enter these into the glFusion Configuration.
Navigate to Command & Control → Users & Submissions
Ensure User Login Method[oauth] is set to True
Set Enable Twitter OAuth Login Method to True
Enter the Consumer Key from Twitter in the Twitter OAuth Consumer Key field
Enter the Consumer Secret from Twitter in the Twitter OAuth Consumer Secret field
Select Save Changes
Now you have Twitter Authentication enabled for your site!
Once the user has logged into Twitter, they will be redirected back to your site and automatically be logged in.
- User's Email Address
Twitter has several security settings that control whether or not a user's email address is publicly exposed. If a user has their profile settings configured so they do not expose an email address, glFusion will not be able to request their password and store it in their local glFusion profile.
- glFusion Username
glFusion will request the user's Twitter user name and use this to create the local glFusion user account profile. If there is already a username that matches, glFusion will automatically add a random number to the end of the Twitter username to make it unique on your site. If you have Allow User name change enabled in glFusion's configuration, the user can change their username to something they prefer.