Developers have been clamoring and hounding Twitter for access to the Vine API, but to no avail – yet. Conway Chen, Twitter’s Director of Business Development alluded to mere internal “discussions” about an API at the Big Boulder Conference, but no other details are being shared.
However, gaining access to snippets of Vine’s API – which does exist by the way – isn’t impossible. A few developers are pointing out that the API is simply hidden (and not fully developed since it’s for internal use only). Developers actually can interact with the API like they did with Instagran before it made its public API.
Taking a look at Github, you’ll find a couple of API clients that were built from scratch thanks to reverse engineering. Here’s one by FaridW, and another by tlack. There was an article by khakimov.com that described his strategy for unveiling parts of Vine’s API. Because Vine uses a SSL connection, all the traffic that Vine is sending and receiving can’t be sniffed, as Doejo developer Dan Sosedoff explains. That explains why Khakimov ended up using a SSL interception.
The headache however, Sosedoff says, is authenticating the third-party client with Twitter to use the app since OAuth is in the way. What that means is that if someone is signing in with Twitter, the developer would need to find a way around Twitter validating the sign-up and granting the third-party developer access to that user’s data. If the user signs into the third-party client with a username (or email) and password on the other hand – granted that users signed up with their email addresses in the first place, which we’re not confident of – then the issue left is an inevitable cease and desist from Twitter.
So if you’re a developer, this is one way to get started on a third-party Vine app, but note that these methods and sniffed APIs aren’t sanctioned by Twitter so use them at your discretion.