0afa913de4
Hidden / dashboard-only blogs are pretty straightforward and "only" require a valid 'access-token' and 'access-token-secret' for the given 'api-key' and 'api-secret', so that signed OAuth1.0 requests are possible. Private / password protected blogs on the other hand are a bit cumbersome. In addition to a valid 'access-token' and 'access-token-secret', they also require the account belonging to those tokens to be a member of the blog itself. Knowing the password and entering it in the website isn't enough to access a blog through the API. Following a private blog is also impossible, so that option can't work either.
13 KiB
13 KiB