Folks, I looked through the API, the online discussion, and wrote test code to check both the authorize and authenticate methods. I have not been able to find any difference between the two, apart from the request URL (and, perhaps, some differences in language between Twitter's authorize and authenticate pages).
Are there any differences - or have the two URLs been implemented to logically separate standard Oauth from "Sign in with Twitter", but are otherwise identical? The reason I am asking is because I expected "authentication" to be just that - with no rights or privileges to read or write to user's Twitter account. It appears that when I use "sign in with Twitter", I effectively gain the same level of privileges as I do via the standard Oauth authorize flow. Thanks in advance
