If you want to give your users the ability to use multiple twitter accounts with your service, Authorize allows them a chance to switch accounts during the login flow. We consciously do that on a couple of our apps.
On Sun, Jul 12, 2009 at 10:02 PM, Abraham Williams <[email protected]>wrote: > > > On Sun, Jul 12, 2009 at 20:54, Scott Carter > <[email protected]>wrote: > >> >> >> I am using as a reference the Sign in with Twitter documentation at: >> http://apiwiki.twitter.com/Sign-in-with-Twitter >> >> When I issue an authenticate call to: >> https://twitter.com/oauth/authenticate?oauth_token=<request_token> >> >> The callback I get is: >> <callback_url>?oauth_token=<request_token>&oauth_verifier=<verifier> >> >> Questions: >> 1. This callback appears to be identical to the authorize response. >> Is there an error with the flow chart on the Sign in with Twitter page >> that indicates an authenticate callback will include the access token >> and token secret? >> > > The flow chart was created before oauth/authenticate was added. I'm sure > that Twitter will update it now that it has been pointed out. > > 2. I understand that the advantage of using the authenticate process >> is that if a user has already authorized an application, they don't >> need to do it again. Is there any reason to use the authorize >> process instead? It seems that apps would benefit from always using >> the Sign in with Twitter authenticate flow. >> > > I don't know why more sites don't use authenticate instead of authorize. I > think mostly it is by not knowing about it and random TOS issues. > > Thanks, >> >> - Scott >> >> >> >> >> > Abraham > > -- > Abraham Williams | Community Evangelist | http://web608.org > Hacker | http://abrah.am | http://twitter.com/abraham > Project | http://fireeagle.labs.poseurtech.com > This email is: [ ] blogable [x] ask first [ ] private. > -- Wynn Netherland twitter: pengwynn
