There is oauth/authorize and oauth/authenticate. Authenticate generally what
is used for Sign in with Twitter and will only prompt for to Allow access
the first time. Authorize will always prompt Allow/Deny.

On Mon, Sep 28, 2009 at 00:55, Amicus <> wrote:

> On Q1, no, it doesn't make sense for OAuth login to only show the
> "twitter login screen " and then redirect the user.
> The OAuth login screen asks the user whether they would like give the
> app the ability to access and update their Twitter data .....and this
> is how OAuth should work.
> On Q2), yes, you can save the access token and use it for making
> twitter api calls on behalf of the user.
> On Sep 27, 11:29 am, scorpio <> wrote:
> > Question1: According to the diagram here:
> > ...after the user authorized the requesting application, when he
> > clicks Sign in With Twitter, he should only get the the twitter login
> > screen and then be redirected back right? But all the live examples
> > I've seen still ask the user to allow the app to access etc.
> >
> > Question2: After you get the access token, whats next? Storing it and
> > the user id/username in database for background logins and operations?

Abraham Williams | Community Evangelist |
Hacker | |
This email is: [ ] blogable [x] ask first [ ] private.
Sent from Madison, Wisconsin, United States

Reply via email to