There is oauth/authorize and oauth/authenticate. Authenticate generally what
is used for Sign in with Twitter and will only prompt for to Allow access
the first time. Authorize will always prompt Allow/Deny.
Abraham

On Mon, Sep 28, 2009 at 00:55, Amicus <ram....@gmail.com> wrote:

>
> On Q1, no, it doesn't make sense for OAuth login to only show the
> "twitter login screen " and then redirect the user.
> The OAuth login screen asks the user whether they would like give the
> app the ability to access and update their Twitter data .....and this
> is how OAuth should work.
>
> On Q2), yes, you can save the access token and use it for making
> twitter api calls on behalf of the user.
>
>
> On Sep 27, 11:29 am, scorpio <sintua...@gmail.com> wrote:
> > Question1: According to the diagram here:
> http://apiwiki.twitter.com/Sign-in-with-Twitter
> > ...after the user authorized the requesting application, when he
> > clicks Sign in With Twitter, he should only get the the twitter login
> > screen and then be redirected back right? But all the live examples
> > I've seen still ask the user to allow the app to access etc.
> >
> > Question2: After you get the access token, whats next? Storing it and
> > the user id/username in database for background logins and operations?
>



-- 
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
http://web608.org/geeks/abraham/blogs/2009/10/03/win-google-wave-invite
This email is: [ ] blogable [x] ask first [ ] private.
Sent from Madison, Wisconsin, United States

Reply via email to