That gives me absolute nightmares, when I need to do API calls on user
accounts when the user is not logged in to my site.

I need the OAuth tokens, which will stored in my database, to remain
valid until the user revokes the access of my app. Meaning, once a
user authorizes my app and until he removes that authorization, there
must be no reason whatsoever for the user to again be physically
involved in any authorization process.

This is not unique to my app.

This is required by any app that does batch API calls on Twitter
accounts.

Dewald

On Aug 24, 12:19 pm, Chris Babcock <cbabc...@kolonelpanic.org> wrote:
> Even if access tokens do not expire, there are other reasons why they
> may fail to persist. Your algorithm for using a token should include a
> recovery method in the event that authentication fails.

Reply via email to