Skip to main content
Ben Nadel at InVision In Real Life (IRL) 2018 (Hollywood, CA) with: Johnathan Hunt
Ben Nadel at InVision In Real Life (IRL) 2018 (Hollywood, CA) with: Johnathan Hunt ( @JHuntSecurity )

Applying Twitter's API "Best Practices" In A ColdFusion Application

By on

Twitter has become one of the most widely used APIs in the world. And as with anything that has become hugely successful, Twitter provides us developers with a wealth of educational material from which to learn. In this presentation, we will examine the Twitter API architecture and do our best to implement Twitter best practices in a sample ColdFusion application. This exploration will cover HTTP authentication, request validation, multi-format responses, and meaningful status code usage.

Appying Twitter's API Best Pracitces In A ColdFusion Application.  

This is probably the only time I'll do this presentation. After giving it, I just didn't feel that confident about the contents. I got some good feedback; but, I just never felt like I connected with it at a core level. However, feel free to take a look at the slides and download the code (including the sample Task List application).

Reader Comments


I really enjoyed the presentation Ben. The best part for me though was the way you handled the error handling. Loved the way you surround the processing segment with a CFTRY and then throw your own error at varying points to handle the correct return code to the caller. Very clever and clean way of building the API. I'll certainly be looking to use a similar system in future.

Though that mic needed to be thrown out of the window. ;)


I think you should keep this presentation . . . improve it. This is a topic I could stand to learn more about, especially since there are good APIs out there such as Flickr ready to be taken advantage of.


Hey Ben,

This was indeed a great presentation my man, well done, really changed my perception on RESTful services, something which I've always shyed away from.

One thing that did cross my mind later that day when I was reflecting on this is that I've seen some funky behaviour with IIS7. I think that by default IIS7 will throw it's own custom error pages whenever you set the response code to anything other than 200.

So, in your case where you're returning XML or JSON formated error messages and adding a status code for 40x of 50x errors then IIS7 will throw it's own HTML content rather than your XML error messages.

I've not had time to look at this and see if that's exactly the case but my gut instinct, and experience of trying to throw friendly exception messages that still carry 50x status codes tells me that IIS7's default behaviour may cause some issues.

Any thoughts or ideas?



Excellent write up. I've been doing a lot of work with writing API's recently. Both RESTful and SOAP. We should chat sometime about an API framework / best practices for ColdFusion developers.


@James, @Robert,

Thanks guys :) I am not sure about IIS7. I've only ever rocked out on IIS6 (and lower). I would think you'd be OK though since it's already been handed off to the JRUN server (I like to pretend like I know thing-one about JRUN).


Ok, maybe I won't give up on it so fast.


Sounds like a good time my friend.

I believe in love. I believe in compassion. I believe in human rights. I believe that we can afford to give more of these gifts to the world around us because it costs us nothing to be decent and kind and understanding. And, I want you to know that when you land on this site, you are accepted for who you are, no matter how you identify, what truths you live, or whatever kind of goofy shit makes you feel alive! Rock on with your bad self!
Ben Nadel