Effective: November 3, 2017.
In addition to the Developer Agreement, this Developer Policy (“Policy”) provides rules and guidelines for developers who interact with Twitter’s ecosystem of applications, services, website, web pages and content including any content that we may make available through our other covered services set forth at https://support.twitter.com/articles/20172501 (“Twitter Services”). Policy violations are also considered violations of the Developer Agreement. Take a look at the Definitions for the meaning of capitalized words used in this Policy. These policies may be changed from time to time without notice. Please check here for any updates.
A. A Few Key Points
- Keep any API keys or other access credentials private and use only as permitted.
- Respect our requirements on how to display and interact with users’ content.
- If your application will need more than 1 million user tokens, you must contact us about your Twitter API access, as you may be subject to additional terms.
- Twitter may monitor your use of the Twitter API to improve the Twitter Services, examine commercial use and ensure your compliance with this Policy.
- Remember, Twitter may suspend or revoke access to the Twitter API if we believe you are in violation of this Policy. Do not apply for or register additional API tokens if Twitter has suspended your account. Instead, contact us.
B. Maintain the Integrity of Twitter’s Products
- Follow the Display Requirements, Twitter Rules and Periscope Community Guidelines. If your Service facilitates or induces users to violate the Twitter Rules or Periscope Community Guidelines, you must figure out how to prevent the abuse or Twitter may suspend or terminate your access to the Twitter API. We’ve provided guidance in our Abuse Prevention and Security help page.
- If your Service submits content to Twitter that includes a Twitter username, submit the correct Twitter username (“@username”).
- Do not modify, translate or delete a portion of the Twitter Content.
- Maintain the features and functionality of Twitter Content and Twitter API. Do not interfere with, intercept, disrupt, filter, or disable any features of Twitter or the Twitter API, including the Twitter Content of embedded Tweets and embedded timelines.
- Do not exceed or circumvent limitations on access, calls, sharing, privacy settings, or use permitted in this Policy, or as otherwise set forth on the Developer Site, or communicated to you by Twitter.
- Do not remove or alter any proprietary notices or marks on Twitter Content or the Twitter API.
- Do not (and do not allow others to) aggregate, cache, or store location data and other geographic information contained in the Twitter Content, except as part of a Tweet or Periscope Broadcast. Any use of location data or geographic information on a standalone basis is prohibited.
C. Respect Users’ Control and Privacy
- Get the user’s express consent before you do any of the following:
- Take any actions on a user’s behalf, including posting Twitter Content, following/unfollowing other users, modifying profile information, starting a Periscope Broadcast or adding hashtags or other data to the user's Tweets. A user authenticating through your Service does not constitute user consent.
- Republish Twitter Content accessed by means other than via the Twitter API or other Twitter tools.
- Use a user’s Twitter Content to promote a commercial product or service, either on a commercial durable good or as part of an advertisement.
- Store non-public Twitter Content such as Direct Messages or other private or confidential information.
- Share or publish protected Twitter Content, private or confidential information.
- Configure media to be sent in a Direct Message as "shared" (i.e. reusable across multiple Direct Messages). You must also provide the user with clear notice that "shared" media sent in a Direct Message will be viewable by anyone with the media's URL.
- Do not (and do not permit others to) associate the Twitter Content with any person, household, device, browser, or other individual identifier, unless you or the entity on whose sole behalf you make such an association do so (a) with the express opt-in consent of the applicable individual; or (b) based solely on publicly available data and/or data provided directly by the applicable individual that the individual would reasonably expect to be used for that purpose.
- If Twitter Content is deleted, gains protected status, or is otherwise suspended, withheld, modified, or removed from the Twitter Service (including removal of location information), you will make all reasonable efforts to delete or modify such Twitter Content (as applicable) as soon as reasonably possible, and in any case within 24 hours after a request to do so by Twitter or by a Twitter user with regard to their Twitter Content, unless otherwise prohibited by applicable law or regulation, and with the express written permission of Twitter.
- If your Service will display Twitter Content to the public or to end users of your Service, and you do not use Twitter Kit or Twitter for Websites to do so, then you must use the Twitter API to retrieve the most current version of the Twitter Content for such display. If Twitter Content ceases to be available through the Twitter API, you may not display such Twitter Content and must remove it from non-display portions of your Service as soon as reasonably possible.
- If your Service allows users to post Twitter Content to Twitter, then, before publishing, show the user exactly what will be published, including whether any geotags will be added to the Twitter Content. If you will send read receipt events for Direct Messages, you should inform users they will be sent as part of a conversation, such as by directly providing this notice to users in your application or by displaying read receipts from other participants in a conversation.
- If your Service allows users to post Twitter Content to your Service and Twitter, then, before publishing to the Service:
- Explain how you will use the Twitter Content;
- Obtain proper permission to use the Twitter Content; and
- Continue to use such Twitter Content in accordance with this Policy in connection with the Twitter Content.
- Whether third parties collect user information on your Service and across other websites or online services;
- Information about user options for cookie management and whether you honor the Do Not Track setting in supporting web browsers.
- If your Service adds location information to users’ Tweets or Periscope Broadcasts:
- Disclose when you add location information, whether as a geotag or annotations data, and whether you add a place or specific coordinates.
- Comply with Geo Developers Guidelines if your application allows users to Tweet with their location.
- Do not store Twitter passwords.
D. Clearly Identify Your Service
- Make sure users understand your identity and the source and purpose of your Service. For example:
- Don’t use a name or logo that falsely implies you or your company is related to another business or person.
- Don’t use a shortened URL for your Service that attempts to mask the destination site.
- Don’t use a URL for your Service that directs users to
- a site that is unrelated to your Service
- a site that encourages users to violate the Twitter Rules or the Periscope Community Guidelines.
- a spam or malware site.
- Do not replicate, frame, or mirror the Twitter website or its design.
E. Keep Twitter Spam Free
- Follow the Abuse and Spam rules here.
- Comply with the automation rules if your Service performs automatic actions.
- Do not do any of the following:
- Mass-register applications.
- Create tokens/applications to sell names, prevent others from using names, or other commercial use.
- Use third-party content feeds to update and maintain accounts under those third parties’ names.
- Name squat by submitting multiple applications with the same function under different names.
- Publish links to malicious content.
- Publish pornographic or obscene images to user profile images and background images.
F. Be a Good Partner to Twitter
- Follow the guidelines for using Tweets in broadcast if you display Tweets offline and the guidelines for using Periscope Broadcasts in a broadcast if you display Periscope Broadcasts offline.
- If you provide Twitter Content to third parties, including downloadable datasets of Twitter Content or an API that returns Twitter Content, you will only distribute or allow download of Tweet IDs, Direct Message IDs, and/or User IDs.
- You may, however, provide export via non-automated means (e.g., download of spreadsheets or PDF files, or use of a “save as” button) of up to 50,000 public Tweet Objects and/or User Objects per user of your Service, per day.
- You may not distribute more than 1,500,000 Tweet IDs to any entity (inclusive of multiple individual users associated with a single entity) within any given 30 day period, unless you are doing so on behalf of an academic institution and for the sole purpose of non-commercial research or you have received the express written permission of Twitter.
- You may not distribute Tweet IDs for the purposes of (a) enabling any entity to store and analyze Tweets for a period exceeding 30 days unless you are doing so on behalf of an academic institution and for the sole purpose of non-commercial research or you have received the express written permission of Twitter, or (b) enabling any entity to circumvent any other limitations or restrictions on the distribution of Twitter Content as contained in this Policy, the Twitter Developer Agreement, or any other agreement with Twitter.
- Use and display Twitter Marks solely to identify Twitter as the source of Twitter Content.
- Comply with Twitter Brand Assets and Guidelines as well as the Periscope Trademark guidelines.
- Do not do any of the following:
- Use a single application API key for multiple use cases or multiple application API keys for the same use case.
- Charge a premium above your Service's standard data and usage rates for access to Twitter Content via SMS or USSD.
- Sell or receive monetary or virtual compensation for Tweet actions, Periscope Broadcasts actions or the placement of Tweet actions on your Service, such as, but not limited to follow, retweet, like, heart, comment and reply.
- Do not use, access or analyze the Twitter API to monitor or measure the availability, performance, functionality, usage statistics or results of Twitter Services or for any other benchmarking or competitive purposes, including without limitation, monitoring or measuring:
- the responsiveness of Twitter Services; or
- aggregate Twitter user metrics such as total number of active users, accounts, total number of Periscope Broadcast views, user engagements or account engagements.
- Use Twitter Content, by itself or bundled with third party data, to target users with advertising outside of the Twitter platform, including without limitation on other advertising networks, via data brokers, or through any other advertising or monetization services.
- Use Twitter Marks, or Twitter Certified Products Program badges, or similar marks or names in a manner that creates a false sense of endorsement, sponsorship, or association with Twitter.
- Use the Twitter Verified Account badge, Verified Account status, or any other enhanced user categorization on Twitter Content other than that reported to you by Twitter through the API.
G. Avoid Replicating the Core Twitter Experience
- Twitter discourages online services from replicating Twitter Service’s core user experience or features.
- The following rules apply solely to Services or applications that attempt to replicate Twitter’s core user experience:
- You must obtain our permission to have more than 100,000 user tokens, and you may be subject to additional terms.
- Use the Twitter API as provided by Twitter for functionalities in your Service that are substantially similar to a Twitter Service feature and present this to your users as the default option.
- Display a prominent link or button in your Service that directs new users to Twitter’s sign-up functionality.
- Do not do the following:
- Pay, or offer to pay, third parties for distribution. This includes offering compensation for downloads (other than transactional fees) or other mechanisms of traffic acquisition.
- Arrange for your Service to be pre-installed on any other device, promoted as a "zero-rated" service, or marketed as part of a specialized data plan.
- Use Twitter Content or other data collected from users to create or maintain a separate status update, social network, private messaging or live broadcasting database or service.
H. Engage in Appropriate Commercial Use
- Advertising Around Twitter Content
- You may advertise around and on sites that display Tweets and Periscope Broadcasts, but you may not place any advertisements within the Twitter timeline or on or within Periscope Broadcasts on your Service other than Twitter Ads or advertisements made available through the official Twitter Kit integration with MoPub. Access to MoPub ads through Twitter Kit requires a MoPub supply account and is subject to MoPub terms of service & policies.
- Your advertisements cannot resemble or reasonably be confused by users as a Tweet or Periscope Broadcast.
- You may advertise in close proximity to the Twitter timeline or a Periscope Broadcast (e.g., banner ads above or below timeline), but there must be a clear separation between Twitter Content and your advertisements.
- Twitter reserves the right to serve advertising via Twitter APIs (“Twitter Ads”). If you decide to serve Twitter Ads once we start delivering them, we will share a portion of advertising revenue with you in accordance with the relevant terms and conditions.
A. Twitter Login
- Present users with easy to find options to log into and out of Twitter, for example, via the OAuth protocol or Twitter Kit.
- Provide users without a Twitter account the opportunity to create a new Twitter account.
- Display the "Sign in with Twitter" option at least as prominently as the most prominent of any other third party social networking sign-up or sign-in marks and branding appearing on your Service.
B. Social Updates
- If you allow users to create social updates from your own social service or a third party social networking, micro-blogging, or status update provider integrated into your Service ("Update"), you must display a prominent option to publish that content to Twitter.
- If Updates are longer than 140 characters or not text, you must display a prominent link to publish that content to Twitter and:
- URLs must direct users to the page where that content is displayed. You may require users to sign in to access that page, but the content must not otherwise be restricted from being viewed.
- URLs must not direct users to interstitial or intermediate pages.
C. Twitter Identity
- Once a user has authenticated via "Sign in with Twitter" via your Service, you must clearly display the user's Twitter identity via your Service. Twitter identity includes visible display of the user's avatar, Twitter user name and the Twitter bird mark.
- Displays of the user's followers on your Service must clearly show that the relationship is associated with the Twitter Service.
D. Twitter Cards
- Develop your Card to have the same quality experience across all platforms where Cards are displayed.
- If your Service provides a logged-in experience, the experience prior to a user’s login must be of equivalent quality and user value.
- Mark your Card as ‘true’ for sensitive media if such media can be displayed.
- Use HTTPS for hosting all assets within your Card.
- For video and audio content:
- Default to ‘sound off’ for videos that automatically play content.
- Include stop or pause controls.
- Do not do any of the following:
- Exceed or circumvent Twitter’s limitations placed on any Cards, including the Card’s intended use.
- Attach the App Card to a user’s Tweet, unless the user is explicitly promoting or referring to the app in the Tweet.
- Place third-party sponsored content within Cards without Twitter’s prior approval.
- Include content or actions within your Card that are not contextually relevant to the user’s Tweet text and Tweet entities, such as URLs and media.
- Generate active mixed content browser warnings.
- Attach monetary incentives or transactions (including virtual currency) to activities that occur within the Card or on Twitter from your Card.
- Apply for Cards access for domains you do not manage to prevent others from registering or utilizing Cards on those domains.
E. Twitter for Websites
- If you expect your embedded Tweets and embedded timelines to exceed 10 million daily impressions, you must contact us about your Twitter API access, as you may be subject to additional terms.
- If you use Twitter for Websites widgets, you must ensure that an end user is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on the end user’s device as described in Twitter's cookie use where providing such information and obtaining such consent is required by law.
- If you use embedded Tweets or embedded timelines, you must provide users legally sufficient notice that fully discloses Twitter's collection and use of data about users’ browsing activities on your website, including for interest-based advertising and personalization. You must also obtain legally sufficient consent from users for such collection and use, and provide legally sufficient instructions on how users can opt out of Twitter’s interest-based advertising and personalization as described here.
- If you operate a Service targeted to children under 13, you must opt out of tailoring Twitter in any embedded Tweets or embedded timelines on your Service by setting the opt-out parameter to be true as described here.
F. Periscope Producer
- You must provide a reasonable user-agent, as described in the Periscope Producer technical documentation, for your Service when accessing the Periscope API.
- If you expect the number of broadcasts created by your hardware will exceed (10 million) daily broadcasts, you must contact us about your Twitter API access, as you may be subject to additional terms.
- You must honor user requests to log out of their Periscope account on your Service.
- You may not provide tools in your service to allow users to circumvent technological protection measures.
- Twitter Content - Tweets, Tweet IDs, Direct Messages, Direct Message IDs, Twitter end user profile information, User IDs, Periscope Broadcasts, Periscope Broadcast IDs and any other data and information made available to you through the Twitter API or by any other means authorized by Twitter, and any copies and derivative works thereof.
- Developer Site ‒ Twitter’s developer site located at /content/developer-twitter.
- Periscope Broadcast - A user generated live video stream that is available live or on-demand, that is publicly displayed on Twitter Services.
- Broadcast ID - A unique identification number generated for each Periscope Broadcast.
- Tweet - A short-form text and/or multimedia-based posting made on Twitter Services.
- Tweet ID - A unique identification number generated for each Tweet.
- Direct Message - A text and/or multimedia-based posting that is privately sent on the Twitter Service by one end user to one or more specific end user(s).
- Direct Message ID - A unique identification number generated for each Direct Message.
- Twitter API - The Twitter Application Programming Interface (“API”), Software Development Kit (“SDK”) and/or the related documentation, data, code, and other materials provided by Twitter, as updated from time to time, including without limitation through the Developer Site.
- Twitter Marks - The Twitter name, or logos that Twitter makes available to you, including via the Developer Site.
- Service - Your websites, applications, hardware and other offerings that display or otherwise use Twitter Content.
- User ID - Unique identification numbers generated for each User that do not contain any personally identifiable information such as Twitter usernames or users’ names.