Hi there,
I recommend calling verify_credentials with your new token to verify the user in question. The screen_name was added as a convenience method because there were a great many complaints about have to do yet another round trip for the screen_name.
Thanks; — Matt Sanford On Apr 16, 2009, at 02:11 PM, djMax wrote:
Sorry if this is a noob question, but how can we verify the screen_name of an OAuth token? It would seem that having it only out of band as a query arg means it's subject to spoofing right? Not sure how I build secure site login with the core identifier may not match the token I'm given.
