A lot of people have found my presentation on OAuth useful when trying to learn the ins and outs of the entire request cycle with an OAuth- protected API: http://bit.ly/oauth-zero-to-hero
When accessing a protected resource with OAuth, the oauth_token and oauth_token_secret you receive become your "access token". You include oauth_token as an OAuth parameter in your signature base string and authorization header, and then sign your entire OAuth request with a composite signing secret: {url_escaped(consumer_secret)}&{url_escaped(oauth_token_secret)} Taylor On Mar 6, 2:55 pm, IDOLpeeps <i...@idolpeeps.com> wrote: > I've overcome the nuances of generating the oauth signature. It > shocks me that the API documentation provides no clear indication of > how to send the tokens along with an API call. It's not even a PHP- > specific question. Simply put: Where do the "oauth_token" and > "oauth_token_secret" get embedded in API call: As posted parameters? > If so, with what parameter names? Can anybody provide guidance? I > have seen many people ask this question, yet see no answer. > > As far as why one would want to use their own library vs. somebody > else's, that's a question for the ages. One specific answer is that > many of us have created our own application-specific libraries that > accommodate traditional http authentication and we'd like to keep our > libraries when we add Oauth. To do so, it's best to have an answer to > this question. > > Thank you.