With all that talk about OAuth, I thought I might share my experience using it for a mobile (J2ME) Twitter client.
I guess my approach is nothing new, and probably is not applicable to iPhone apps because of the appstore distribution process, but anyways.

So the way I handle OAuth is as follows: All application downloads are handled by my own server. Before allowing the user to download the app, I initiate OAuth authorization with Twitter and then save the user's tokens along with a generated unique id for the user. Once authorized, the user is permitted to download the application, which is tagged with that unique user id I generated earlier. Once the user starts the app, it uses its id to authenticate itself to my server. All communication between Twitter and the user's application is handled/proxied by the server, which performs all necessary OAuth signing on behalf of the user.

So, this way I have all the benefits of using OAuth in a mobile app. The only drawback, really, is that the user must visit my web site at least once to perform authorization.

Regards,
Anton
http://pavo.me
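The server side of the scheme described above, as an added example that is not part of the original post or the author's code: the server issues an unguessable application id after authorization, stores the user's tokens under a hash of that id, and signs proxied requests itself so the consumer secret and token secret never reach the handset. It assumes OAuth 1.0a with HMAC-SHA1; the function names, the in-memory store, the placeholder keys and the choice to store only a hash of the id are all assumptions made for illustration.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import quote

CONSUMER_KEY = "constructed-consumer-key"        # placeholder, not a real key
CONSUMER_SECRET = "constructed-consumer-secret"  # placeholder, stays on the server
TOKENS = {}  # sha256(app_id) -> (oauth_token, oauth_token_secret); stand-in for a DB

def enc(s):
    # Percent-encoding as required by OAuth 1.0a (RFC 5849 section 3.6)
    return quote(str(s), safe="-._~")

def enroll(oauth_token, oauth_token_secret):
    """Run after the user authorizes on the web site; returns the id baked into the download."""
    app_id = secrets.token_urlsafe(32)  # acts as a bearer credential, so it must be unguessable
    TOKENS[hashlib.sha256(app_id.encode()).hexdigest()] = (oauth_token, oauth_token_secret)
    return app_id

def sign_for(app_id, method, url, params, nonce, timestamp):
    """Build the OAuth Authorization header for a request proxied on behalf of app_id."""
    entry = TOKENS.get(hashlib.sha256(app_id.encode()).hexdigest())
    if entry is None:
        raise PermissionError("unknown application id")
    token, token_secret = entry
    oauth = {
        "oauth_consumer_key": CONSUMER_KEY, "oauth_token": token,
        "oauth_signature_method": "HMAC-SHA1", "oauth_version": "1.0",
        "oauth_nonce": nonce, "oauth_timestamp": str(timestamp),
    }
    # Signature base string: METHOD & encoded URL & encoded, sorted parameter string
    pairs = sorted((enc(k), enc(v)) for k, v in {**params, **oauth}.items())
    param_str = "&".join(f"{k}={v}" for k, v in pairs)
    base = "&".join([method.upper(), enc(url), enc(param_str)])
    # Signing key combines both secrets; neither is ever sent to the client
    key = f"{enc(CONSUMER_SECRET)}&{enc(token_secret)}".encode()
    sig = base64.b64encode(hmac.new(key, base.encode(), hashlib.sha1).digest()).decode()
    oauth["oauth_signature"] = sig
    return "OAuth " + ", ".join(f'{enc(k)}="{enc(v)}"' for k, v in sorted(oauth.items()))
```

Because the id in the downloaded binary is the only thing the handset presents, anyone who copies that binary can act as the user through the proxy, so the server needs a way to revoke an id and delete its stored tokens.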