That gives me absolute nightmares, when I need to do API calls on user accounts when the user is not logged in to my site.
I need the OAuth tokens, which will stored in my database, to remain valid until the user revokes the access of my app. Meaning, once a user authorizes my app and until he removes that authorization, there must be no reason whatsoever for the user to again be physically involved in any authorization process. This is not unique to my app. This is required by any app that does batch API calls on Twitter accounts. Dewald On Aug 24, 12:19 pm, Chris Babcock <cbabc...@kolonelpanic.org> wrote: > Even if access tokens do not expire, there are other reasons why they > may fail to persist. Your algorithm for using a token should include a > recovery method in the event that authentication fails.