Won't have "read only access" accomplish this? You can check verify_credentials and never check anything else... but the OAuth login flow remains the same..
..or am I missing something? -Chad On Thu, Mar 26, 2009 at 3:15 PM, Elliott Kember <elliott.kem...@gmail.com> wrote: > > Cool - yeah sorry about that. I meant to say the next time they try to > access their account. > > It'd be even better if there were another level of OAuth permissions - > "authorization only" - which just lets you log in using the account, > and only lets you call verify_credentials. > > Am I the only one that thinks this could be really cool? What are the > downsides? > > On Mar 26, 5:07 pm, Graeme Foster <grae...@gmail.com> wrote: >> 2009/3/26 Elliott Kember <elliott.kem...@gmail.com> >> >> >> >> > No - they don't log in before I request authorization. I get their >> > access token without having any idea who they are. >> >> > That's what I'm trying to avoid - I don't want to have any login stuff >> > on my side so the login is as easy as possible. >> >> I see - exactly the same problem as me then. When you said they log in I >> incorrectly assumed you meant to your app. >> >> G. >