> 1. I think the current text makes it clear which account is being used. I do beg to differ, I have made the mistake of authorising the wrong account during the testing. If the account was in the heading and/or an extra paragraph was used in the text to split it up .. they are separate paragraphs gramatically anyway then this can be alleviated ... for the case of two tiny changes I dont think its worth not doing as no harm can be done.
> 2. Not sure I like the idea of auto sign out. Maybe instead if the username > is provided > as an additional parameter twitter will display the login prompt with > the username provided. > The the user just enters their password and authorizes the app. This way > the browser cookie > for the currently active session is not affected and will remain active. Sounds fine to me > A suggestion I might make is not asking for the user's twitter username > before authorization. Instead > have the user go to twitter and authorize which account they want. Then when > they return back and you > get the access token then detect which username is being used if you need > it. You could even double check with the user that this is the account they > want. Yes, I will be doing that for new accounts, but I wish to upgrade existing accounts (its not a new app and there are lots of existing users) ... this could cause confusion if they authorise the wrong account which the app was expecting, but yes I was going to verify the authorisation using the returned user name but its a potential confusion that could be avoided; I just thought it might add an extra useful path on the workflow and help allow the app to control a little part of it.