An OAuth client can either have Read-only access or Read/Write access to an account. So this gives the ability to read statuses/friends withou having the ability to post.
On Oct 8, 2009, at 5:43 AM, Bjoern <bjoer...@googlemail.com> wrote: > > Hi, > > just wondering if I read this right: while OAuth provides a way to > give a 3rd party access to an account without the password, it does > not provide a way to simply establish the identity of a Twitter user, > without giving away the rights? > > The only reason I would need access to the account is to make a post > in the name of the user. But that could easily be solved with a > "twitter this"-link instead. So I think it is a bit of a pity that I > can not just authenticate somebody without asking them to give me > power over their account. > > Björn