On the Twitter forums last year, I asked if there would be functionality added to API v2 that could provide the tier of the calling application.
As a developer of a product that uses the Twitter API,
I would like the application to be able to retrieve the tier/version and permissions configured for it,
so that I could use the appropriate endpoints, parameters, and search operators.
For example, a command using a search endpoint should use the endpoint and parameter validation rules for that endpoint for each search offering.
Standard v1.1
Premium v1.1
Enterprise
Additionally, it would be desirable to discover the permissions granted, whether OAuth 1.0a based (Read, Read/Write, Read/Write/Direct Messages) or OAuth 2.0 w/PKCE based (for scopes). I know that x-access-level is included in the headers (at least for OAuth 1.0a calls) but I don't know if something similar is available for scopes.
If an application using OAuth 2.0 w/PKCE allows a user to select which scopes, knowing the allowed scopes would allow the developer to restrict commands which would knowingly fail, such as trying to create a Tweet when the user only consented to tweet.read and users.read scopes. Likewise, if an application using OAuth 1.0 would require Read/Write, it would be better to prevent the user from performing any API calls that would create, update, or delete a resource.
thedavecarroll changed the title from "New Twitter Application Tier And Permission Detection Endpoint" to "New Twitter Application Tier And Permission Retrieval Endpoint" on Aug 18, 2022
Thank you,
thedavecarroll
Primary developer for BluebirdPS.
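The client-side gating this request describes, as an added example that is not part of the original issue or of BluebirdPS: a command is refused locally when the granted OAuth 2.0 scopes or the OAuth 1.0a access level do not cover it. The command names, the scope-to-command mapping, the `x-access-level` value strings, and the presence of a space-delimited `scope` field in the token response are assumptions.

```powershell
# Added example: command names and both mappings are hypothetical, not BluebirdPS code.
# OAuth 2.0 scopes each command needs (assumed mapping).
$RequiredScopes = @{
    'Get-ExampleTweet'     = @('tweet.read', 'users.read')
    'Publish-ExampleTweet' = @('tweet.read', 'tweet.write', 'users.read')
}
# OAuth 1.0a access levels, ranked so a higher level includes the lower ones
# (assumed x-access-level header values).
$AccessRank = @{ 'read' = 1; 'read-write' = 2; 'read-write-directmessages' = 3 }
$RequiredAccess = @{
    'Get-ExampleTweet'     = 'read'
    'Publish-ExampleTweet' = 'read-write'
}

function Test-CommandAllowed {
    [CmdletBinding()]
    [OutputType([bool])]
    param(
        [Parameter(Mandatory)][string]$Command,
        [string]$GrantedScope,  # space-delimited 'scope' string from the token response
        [string]$AccessLevel    # x-access-level value from an OAuth 1.0a response
    )
    # Unknown commands are denied rather than guessed at.
    if (-not $RequiredScopes.ContainsKey($Command)) { return $false }

    if ($GrantedScope) {
        # Scope names are case-sensitive, so compare with -cnotin.
        $granted = @($GrantedScope -split '\s+' | Where-Object { $_ })
        $missing = @($RequiredScopes[$Command] | Where-Object { $_ -cnotin $granted })
        if ($missing.Count -gt 0) {
            Write-Verbose "$Command blocked, missing scope(s): $($missing -join ', ')"
        }
        return ($missing.Count -eq 0)
    }
    if ($AccessLevel -and $AccessRank.ContainsKey($AccessLevel)) {
        return ($AccessRank[$AccessLevel] -ge $AccessRank[$RequiredAccess[$Command]])
    }
    return $false  # no permission information available: deny
}

# Constructed sample values, not captured from a real session.
$readOnlyScope = 'tweet.read users.read'
Test-CommandAllowed -Command 'Publish-ExampleTweet' -GrantedScope $readOnlyScope -Verbose
Test-CommandAllowed -Command 'Get-ExampleTweet' -GrantedScope $readOnlyScope
Test-CommandAllowed -Command 'Publish-ExampleTweet' -AccessLevel 'read-write'
Test-CommandAllowed -Command 'Publish-ExampleTweet' -AccessLevel 'read'
```

A local check like this only avoids calls that would knowingly fail; the API remains the authority on what a token may do.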