I am using as a reference the Sign in with Twitter documentation at: http://apiwiki.twitter.com/Sign-in-with-Twitter
When I issue an authenticate call to: https://twitter.com/oauth/authenticate?oauth_token=<request_token> The callback I get is: <callback_url>?oauth_token=<request_token>&oauth_verifier=<verifier> Questions: 1. This callback appears to be identical to the authorize response. Is there an error with the flow chart on the Sign in with Twitter page that indicates an authenticate callback will include the access token and token secret? 2. I understand that the advantage of using the authenticate process is that if a user has already authorized an application, they don't need to do it again. Is there any reason to use the authorize process instead? It seems that apps would benefit from always using the Sign in with Twitter authenticate flow. Thanks, - Scott
