On Sun, Jul 12, 2009 at 20:54, Scott Carter <[email protected]>wrote:
> > > I am using as a reference the Sign in with Twitter documentation at: > http://apiwiki.twitter.com/Sign-in-with-Twitter > > When I issue an authenticate call to: > https://twitter.com/oauth/authenticate?oauth_token=<request_token> > > The callback I get is: > <callback_url>?oauth_token=<request_token>&oauth_verifier=<verifier> > > Questions: > 1. This callback appears to be identical to the authorize response. > Is there an error with the flow chart on the Sign in with Twitter page > that indicates an authenticate callback will include the access token > and token secret? > The flow chart was created before oauth/authenticate was added. I'm sure that Twitter will update it now that it has been pointed out. 2. I understand that the advantage of using the authenticate process > is that if a user has already authorized an application, they don't > need to do it again. Is there any reason to use the authorize > process instead? It seems that apps would benefit from always using > the Sign in with Twitter authenticate flow. > I don't know why more sites don't use authenticate instead of authorize. I think mostly it is by not knowing about it and random TOS issues. Thanks, > > - Scott > > > > > Abraham -- Abraham Williams | Community Evangelist | http://web608.org Hacker | http://abrah.am | http://twitter.com/abraham Project | http://fireeagle.labs.poseurtech.com This email is: [ ] blogable [x] ask first [ ] private.
