Twitter has fixed a caching issue that could have exposed developers’ API keys and tokens.

Twitter developers are being warned of a security bug that may have exposed their applications’ credential information – including sensitive application keys and access tokens.

The issue stemmed from a caching issue in developer.twitter.com. When developers visited this website, it temporarily stored information about their applications in the browser’s cache on the local computer, according to Twitter’s security notice that was sent to developers, shared on Twitter on Friday. The website developer.twitter.com is a central hub for Twitter developers, who create third-party applications for the Twitter platform. These applications allow Twitter users to incorporate multiple platforms into their Twitter account – for instance, OutTwit, a Windows application, allows users to access Twitter via Outlook.

“If you used a shared computer to visit developer.twitter.com with a logged-in Twitter account, we recommend that you regenerate your app keys and tokens,” said Twitter in its Friday notice.

#vulnerabilities #web security #api keys #app security #applications #caching bug #data exposure #developer.twitter.com #oauth api requests #security #tokens #twitter #twitter developers