I'm currently developing an iPhone app that interfaces with Twitter. On initial purchase and setup, the application would function completely independent of our service, interacting directly with Twitter, and can continue to be used without our service. This is the typical use case of xAuth, so no problems here.
However, if the user chooses, our server will monitor Twitter on behalf of the user for the purpose of sending push notifications. This choice would be opt-in, obvious in function and be described clearly. For the best user experience, I'd like to be able to just pass the OAuth tokens to the server for its use, rather than requiring the user to go through an additional round of authentication. Is this acceptable, or would I need to force the user to go through a round of OAuth authentication? I tried to research this a bit, but didn't see anything that directly addresses this issue. Thanks for any advice! Rufo
