Hi, To answer myself, yes it is.
I guess I cannot assume that the twitter pin code will always be numeric - would be nice to give the user the numberpad if it is, but then they cannot switch to text... Regards, Chris 2009/6/20 Chris Kimpton <ch...@kimptoc.net> > Hi, > > A bit late to this party, so sorry for repeating stuff, but trying to get > my old head around the twitter 1.0a OAuth changes. > > > http://oauth.googlecode.com/svn/spec/core/1.0a/drafts/3/oauth-core-1_0a.html#auth_step3 > > > http://groups.google.com/group/twitter-development-talk/browse_frm/thread/1c48fedf4ae7ed52/7d772dedcc756cbf#7d772dedcc756cbf > > I have a desktop client (an iphone app, Twitkwik) which 'now' supplies the > user with a pin code after they authorise the app to use Twitter. > > My understanding is that the app should ask the user for the pin code and > then send this (as oauth_verifier) when swapping the request token for an > access token request. > > Does that sound correct? > > As far as I can tell, webapps can get round this by providing a callback. > > Thanks in advance, > Chris >