Updated November 3, 2017
This page is primarily intended for developers.
For Twitter users: You are ultimately responsible for the actions taken with your account, or by applications associated with your account. Before authorizing a third-party application to access or use your account, make sure you've thoroughly investigated the application and understand what it will do. If automated activity on your account violates the Twitter Rules or these automation rules, Twitter may take action on your account, including filtering your Tweets from search results or suspending your account.
For more information on third-party applications, please see our article on connecting and revoking third-party applications.
I. Ground Rules
- Build solutions that automatically broadcast helpful information in Tweets.
- Run creative campaigns that auto-reply to users who engage with your content.
- Build solutions that automatically respond to users in Direct Messages.
- Try new things that help people (and comply with our rules).
- Make sure your application provides a good user experience and performs well — and confirm that remains the case over time.
- Violate these or other policies. Be extra mindful of our rules about abuse and user privacy.
- Abuse the Twitter API or attempt to circumvent rate limits.
- Use non-API-based forms of automation, such as scripting the Twitter website. The use of these techniques may result in the permanent suspension of your account.
- Spam or bother users, or otherwise send them unsolicited messages.
A. The Twitter Rules and the Developer Agreement and Policy
As with all activity on Twitter, automated activity is subject to the Twitter Rules and, if you’re a developer using the Twitter API, the Developer Agreement and Policy.
You should carefully review these policies to ensure that your automated activity is compliant. Automated applications or activities that violate these policies, or that facilitate or induce users to violate them, may be subject to enforcement action, potentially including suspension of associated Twitter accounts. We may also rate limit, suspend, or terminate developers’ access to the Twitter API based on violations of these policies.
Although all aspects of the Twitter Rules and the Developer Agreement and Policy apply to automated activity, you should keep the following rules top of mind:
Spamming: You may not send automated Tweets or Direct Messages that are spam, or otherwise engage in spamming activity. Some examples of spammy behavior to avoid with automation include:
- Trending topics: You may not automatically post about trending topics on Twitter, or use automation to attempt to influence or manipulate trending topics.
- Multiple posts/accounts: You may not post duplicative or substantially similar Tweets on one account or over multiple accounts you operate.
Duplicate accounts: You may not create and/or automate multiple accounts for duplicative or substantially similar use cases.
- However, automating multiple accounts for related but non-duplicative use cases is permitted. For example, you may automate separate accounts to Tweet when the Hubble Space Telescope passes over different cities, such as San Francisco or Hong Kong.
Misleading links: You may not send automated Tweets or Direct Messages containing links that are misleading, including links that maliciously or deceptively redirect through landing pages or ad pages before displaying the final content.
Sensitive media: Automated Tweets and Direct Messages must comply with the Twitter media policy, and you should mark your account as potentially sensitive if you intend to post graphic, pornographic, or potentially sensitive media.
Abusive behavior: You may not engage in any automated activity that encourages, promotes, or incites abuse, violence, hateful conduct, or harassment, on or off Twitter.
Private information: You may not post private or confidential information about a person without their prior express authorization.
B. Other Ground Rules for Automated Activity
In addition to the policies above, the following ground rules apply to all automated activity on Twitter:
- Don’t surprise or mislead users: Automated activity should honor users’ expectations. Ask for the user’s permission before taking an action if you aren’t sure.
- Mature content or profanity: Don’t Direct Message, mention, or reply to users with potentially sensitive content (including profanity), unless they’ve clearly indicated an intent to receive it in advance.
- Be thoughtful about the information you request or exchange on Twitter
- Tweets: Don’t ask users to send you personal or private information via a public Tweet. If you need additional personal or private information from a user to provide them with customer service (or other similar use cases), you should ask the user to share such information by Direct Message or another private channel. You might even consider adding a Direct Message deep link to your Tweet.
- Direct Messages: You should only ask users for the minimum amount of information you need to provide them with service. If you need to request or exchange particularly sensitive information (such as credit card information), you should consider directing users to your website or other appropriate channel to do so.
II. Activity-Specific Rules
The activity-specific rules in this section apply to taking specific automated actions on Twitter. Please read these rules carefully, as they outline both permitted and prohibited use cases of automation.
Automated applications or activities that violate these rules, or that facilitate or induce users to violate them, may be subject to enforcement action, including suspension of associated Twitter accounts. We may also rate limit, suspend, or terminate developers’ access the Twitter API based on violations of these rules. As a reminder, you should also carefully review the spam guidelines in the Twitter Rules to avoid having activities performed by you, your app, or other users through your app or service flagged as spam.
A. Automated Actions Through Another User’s Account
Twitter users may authorize your app or service to access their Twitter account through OAuth. A user authorizing your app or service to access their Twitter account through OAuth does not by itself constitute sufficient consent to take automated actions through that user’s account.
You may only take automated actions through another Twitter user’s account if you:
- clearly describe to the user the types of automated actions that will occur;
- receive express consent from the user to take those automated actions; and
- immediately honor a user’s request to opt-out of further automated actions.
If you substantially change the purpose or functionality of your app or service, you must re-obtain express consent from the user to take automated action through their account before doing so.
These requirements apply to any automated action taken through another Twitter user’s account, including posting Tweets, sending Direct Messages, deleting Tweets or Direct Messages, or following/unfollowing other accounts. For applications that offer users the ability to delete Tweets in a bulk or automated manner, you must also clearly state that Tweets are not recoverable once deleted.
B. Automated Tweets
1. Posting automated Tweets
Automated Tweets that cross-post outside information: You may post automated Tweets based on sources of outside information — such as an RSS feed, weather data, etc. — as long as you are sufficiently authorized to publish such information.
Other automated Tweets (excluding mentions or replies): Provided you comply with all other rules, you may post automated Tweets for entertainment, informational, or novelty purposes. As a reminder, accounts posting duplicative, spammy, or otherwise prohibited content may be subject to suspension.
2. Posting automated mentions and replies
The reply and mention functions are intended to make communication between Twitter users easier. Automating these actions to reach many users on an unsolicited basis is an abuse of the feature, and is not permitted. For example, sending automated replies to Tweets based on keyword searches alone is not permitted. Spammy or duplicative use of mentions and replies may result in enforcement action, such as the removal of your Tweets from Search or the suspension of your app or account.
However, you may send automated replies or mentions to Twitter users so long as:
- in advance of sending the automated reply, the recipient or mentioned user(s) have requested or have clearly indicated an intent on Twitter to be contacted by you (i.e. opted in), for example by replying to a Tweet from your account, or by sending you a Direct Message;
- you provide a clear and easy way for such users to opt-out of receiving automated replies and mentions, and promptly honor all such opt-out requests;
- you only send one automated reply or mention per user interaction; and
- the automated reply or mention is a reply to the user’s original Tweet (if your campaign is based on users posting a reply to your Tweet).
Opt-in techniques and indications of user intent take many different forms, depending on the specifics of your use case and implementation. Some examples include:
- A Tweet from your account that clearly indicates that a user taking a specific action on that Tweet (such as Retweeting it) will opt the user into receiving an automated response.
- A mention of your account by the user in a manner suggesting the user clearly wishes or intends to receive a response. If you want to run an auto-reply campaign with a campaign- or use-case-specific hashtag, users should also mention you in their Tweets.
Note that a user following your account is not on its own a sufficient indication of user intent to receive an automated response.