Hey Ali, Out of band / PIN code authentication is just one of the OAuth authentication flows we are supporting. Cf http://dev.twitter.com/pages/auth_overview
If your app can handle the full OAuth process, stick to it and forget about OOB :) Arnaud / @rno <http://twitter.com/rno> On Wed, Apr 20, 2011 at 10:23 PM, Ali <t.alra...@gmail.com> wrote: > Hi, > > I've been experimenting with OAuth authentication with the Twitter API > for desktop/mobile apps and found out that the verifier pin is not > necessary. Once the the request token is authorized, I am able to > exchange it for an access token without providing the pin code. > > Is this the official expected behavior? I couldn't find any info on > OOB in the API documentation. It is just barely mentioned and the link > for more info doesn't work. > > Is there any documented behavior regarding the verifier pin and > whether requiring the user to enter the pin is recommended or > required? > > > Thanks > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk