I always wonder how can the Twitter and many social network application provides the API for developer via registered app key. How can it granted and track the using of those external application?
Can you answer me this question? because I alway wondering about this.
Generally speaking the service would generate an API key for you when you sign up for developer access. This key is then associated to your account.
Whenever you make a call to an API, you would be required to pass that key as one of the parameters. That method would then verify that you passed a valid key and would know who was making the call based on the key -> account association created when you signed up.
For Ruby on Rails:
Easy Rails API Authentication Using restful-authentication
http://www.compulsivoco.com/2009/05/rails-api-authentication-using-restful-authentication/
Twitter, Facebook, Google Apps, and others often use OAuth to provide this authentication and tracking. There is a lot of information to be found at http://oauth.net/ and you can play around with OAuth in general at Google's OAuth Playground.