I'm working on an online service where we also have a mobile client (iPhone) to provide access to the online service. I'm now integrating Twitter into our service and this is how we can achieve the seamless experience we want. I'm posting this to get some feedback to make that there is nothing "bad" with this approach.
Our users can choose to authenticate their Twitter account either through the mobile client OR the online service. Once they start the authentication on one end, the Twitter authorization will be synchronized to the other through synchronizing the access token key and access token secret. So I've setup 2 applications, one for web (has callback url) and the other for mobile client. They essentially have the same app name and app url. Is this ok? One thing to be clear on, I never send our consumer key and consumer secret during this synchronization process, so each integration point has both set of consumer keys/secret.