Sure, that's an option, but not one which I would likely take, for
multiple reasons, including rate limiting which I would like to apply
to my client (my server is whitelisted so all accounts would suddenly
get 2 -> that's a bad idea).
I was wondering how the "big" clients do this, like TweetD
You're right in theory that requests after the initial authentication
step should not really need the app's credentials, a single
authentication token & secret ought to suffice and the service
(twitter) should remember which app each token came from. But shrug,
that's just not the way OAuth works.
Hi Taylor,
Thanks for your reply.
What I am currently considering is a connection to my server to
exchange
keys - which you mentioned. The xAuth part would be done from my
server,
the oAuth on the client.
I wrote it like this from the start - exchanging keys with my server -
because I didn't rea
