The more I think about this, the less it makes any sense whatsoever to force everyone through a re-authentication if DM access is required.
Here's why: 1) For existing user tokens, the users have already granted access with the knowledge that it is to their DMs as well. In other words, they have already granted access to their DMs. 2) If an app needs access to the users' DMs, it is going to force thousands of people to waste thousands of hours to re-authorize something they want the app to do and something they have already implicitly granted to the app. 3) Many users are going to miss the memo, and then be very upset with the app owner(s) because what had worked before suddenly stopped working. 4) Additional and completely unnecessary workload and costs are going to be added to the support staff of the app, to help users who do not understand why they need to re-authorize, or who have missed the memo in the first place. 5) By forcing re-authorization for apps that require DM access and already have DM access, Twitter gains absolutely nothing. After forcing thousands of people through a redundant process, we're back at where we started, namely, the app has access to the user's DMs. It's not like the user has a choice of not granting a requesting app access to his DMs, but only to his followers and tweets. If the app request DM access, the user can either grant it, or deny access completely. Exactly the same way it works today. The only benefit here is for apps who don't need DM access, which will now be able to request account access without DM access. But, if the app does not need or use access to DMs, it provides absolutely no benefit to take existing DM access of already granted user tokens away. It is not used. It makes perfect sense to implement this change from a date going forward, meaning all user tokens granted after that date will be either Read, Read & Write, or Read & Write & DM. That provides more transparency for the user. But to yank away existing access rights and then force the equivalent of a small nation through a re- authentication process just to re-establish what had already been granted and then unilaterally taken away, that makes no sense at all. -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk