2009/3/26 Joshua Perry <[email protected]> > > OAuth is a delegation API, it will never have support for Authentication > only (authentication is verifying identity, authorization is validating > access to some resource based on that identity). That is the job of > OpenID and is a service much better provided for by OpenID.
I totally appreciate that, hence the subject of this discussion ;) Just trying to work out what we can do with the tools at our disposal. Given that Twitter provides a verify_credentials method that can be called with the appropriate token, that's about the best we can do at the moment. G.
