If you want to give your users the ability to use multiple twitter accounts
with your service, Authorize allows them a chance to switch accounts during
the login flow. We consciously do that on a couple of our apps.

On Sun, Jul 12, 2009 at 10:02 PM, Abraham Williams <4bra...@gmail.com>wrote:

>
>
> On Sun, Jul 12, 2009 at 20:54, Scott Carter 
> <scarter28m-goo...@yahoo.com>wrote:
>
>>
>>
>> I am using as a reference the Sign in with Twitter documentation at:
>> http://apiwiki.twitter.com/Sign-in-with-Twitter
>>
>> When I issue an authenticate call to:
>> https://twitter.com/oauth/authenticate?oauth_token=<request_token>
>>
>> The callback I get is:
>> <callback_url>?oauth_token=<request_token>&oauth_verifier=<verifier>
>>
>> Questions:
>> 1. This callback appears to be identical to the authorize response.
>> Is there an error with the flow chart on the Sign in with Twitter page
>> that indicates an authenticate callback will include the access token
>> and token secret?
>>
>
> The flow chart was created before oauth/authenticate was added. I'm sure
> that Twitter will update it now that it has been pointed out.
>
> 2. I understand that the advantage of using the authenticate process
>> is that if a user has already authorized an application, they don't
>> need to do it again.   Is there any reason to use the authorize
>> process instead?  It seems that apps would benefit from always using
>> the Sign in with Twitter authenticate flow.
>>
>
> I don't know why more sites don't use authenticate instead of authorize. I
> think mostly it is by not knowing about it and random TOS issues.
>
> Thanks,
>>
>> - Scott
>>
>>
>>
>>
>>
> Abraham
>
> --
> Abraham Williams | Community Evangelist | http://web608.org
> Hacker | http://abrah.am | http://twitter.com/abraham
> Project | http://fireeagle.labs.poseurtech.com
> This email is: [ ] blogable [x] ask first [ ] private.
>



-- 
Wynn Netherland
twitter: pengwynn

Reply via email to