"From my testing, I am pretty sure authorize supports callback urls."
It does, sorry if I wasn't clear on that.

So for your other question, yes, the new permission (for Read Write
and Private Messages) will only be settable from the /authorize
endpoint.  Further up in the same thread:

"You said you were restricting this permission to the OAuth /authorize
web flow only. Will /oauth/authenticate (Sign in with Twitter) support
the new permission?"
The R/W/DM permission can only be granted through the /oauth/authorize
route. Sign in with Twitter cannot be used to grant R/W/DM.
We understand applications may use other methods of authentication
like Sign in with Twitter as well. For this reason, if a user has
authorised your application for R/W/DM and you direct them through
Sign in with Twitter, we will respect the existing access token
permission. This means you can use Sign in with Twitter after a user
has authorized your application for R/W/DM.

James


On Mon, May 23, 2011 at 4:08 PM, Tyson Lowery <tysonlow...@gmail.com> wrote:
> Ahhh, thanks that answers half my question.  I did not see that from
> Matt - they should split that thread into technical questions and
> complaints, it got too hard to follow.
>
> From my testing, I am pretty sure authorize supports callback urls.
>
> Any idea about authenticate and private messages?  Is this permission
> not available in the authenticate flow by design, or is this a bug?
>
> .
> On May 23, 3:01 pm, James Estes <james.es...@gmail.com> wrote:
>> I believe the only difference is that the authenticate route could be
>> used by only web based applications (ie they need to have a callback
>> url) and allows for the force_login param.  The authenticate can be
>> used by either desktop or web apps, but do not support the
>> force_login...but this may be changing soon.
>>
>> From themattharris earlier in the recent thread about the oauth
>> permission change:
>>
>> "We support multiple accounts in our application, how do we force a
>> login on the authorize flow?"
>> Currently the only flow that supports the force_login parameter is /
>> oauth/authenticate but adding it to /oauth/authorize flow is a good
>> idea. We’ll begin working on this now and will let you know when it is
>> released.
>>
>>
>>
>>
>>
>>
>>
>> On Mon, May 23, 2011 at 3:54 PM, Tyson Lowery <tysonlow...@gmail.com> wrote:
>> > I can't seem to find the difference, does anyone know?
>>
>> > Previous to the new permission system I sent my users to
>> >http://twitter.com/oauth/authenticate/
>>
>> > But for some reason no matter what I do, it says at the bottom This
>> > application will not be able to:
>> > Access your private messages.
>>
>> > So I changed tohttp://twitter.com/oauth/authorize.  That solved the
>> > problem about accessing private messages.  But I'd like to force the
>> > user to re-log into twitter.  I can't figure out a way to do that with
>> > authorize.
>>
>> > I just need to solve one of these 2 problems.  Any ideas?
>>
>> > Thanks,
>> > Tyson
>>
>> > --
>> > Twitter developer documentation and resources:https://dev.twitter.com/doc
>> > API updates via Twitter:https://twitter.com/twitterapi
>> > Issues/Enhancements 
>> > Tracker:https://code.google.com/p/twitter-api/issues/list
>> > Change your membership to this 
>> > group:https://groups.google.com/forum/#!forum/twitter-development-talk
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Reply via email to