Best practice would be a read only OAuth app and run the verify credentials method.
Previously Twitter (al3x) as spoken against using OAuth as an OpenID flow but I don't know if this is their current stand or not. On Sat, Mar 21, 2009 at 06:35, GraemeF <grae...@gmail.com> wrote: > > I have an application that does not need access to anything in or do > anything to a Twitter account, it just wants proof that the user owns > the account. This doesn't seen to fit with OAuth; the app needs proof > of identity rather than authorization, so in fact OpenID would be more > suitable than OAuth. > > Ideally I would be able to get the username and user id from the > Twitter API without getting authorization for anything else. What's > the best way to tackle this? > > Cheers, > Graeme. > -- Abraham Williams | http://the.hackerconundrum.com Web608 | Community Evangelist | http://web608.org This email is: [ ] blogable [x] ask first [ ] private. Sent from: Madison Wisconsin United States.
