On 08/19/10 17:16, Ken wrote:
> Taylor, I don't need this as much as some other developers but I think
> I understand why they keep asking for this.
> Sure, our app is not "logged in". But many apps make the user log in
> to Twitter in order to use the app. Then, when the user is done with
> the app, they can't just logout and leave, we have to tell them to go
> to Twitter.com and logout. This is embarrassing (unprofessional) and
> potentially risky. If they don't understand that they are still logged
> in with Twitter, they may make some mistake, such as tweeting from the
> wrong account, and there could be privacy/security concerns about
> subsequent actions a user may perform while unknowingly logged in to
> Twitter.
So one way to handle this from your side would be to just forget the
user's OAuth tokens. Your app will still appear "authorized" to the user
in the connections screen, which would be confusing, but your
application wouldn't be able to perform any operations on their behalf.
It might be useful to have a "destroy credentials" endpoint though, to
remove your app from the connections screen.


> On Aug 19, 4:20 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> wrote:
>> The REST API is (mostly) stateless. There is no "logged in" to "log out."
>> Are you wanting to ensure that the user has to enter their credentials in
>> again when presented with the OAuth flow? If not, what would you be
>> interested in doing this for?
>> Taylor
>> On Thu, Aug 19, 2010 at 6:50 AM, JTOne <jthot...@gmail.com> wrote:
>>> How i can logout using oauth or rest api of twitter?

Reply via email to