Hi, I've been experimenting with OAuth authentication with the Twitter API for desktop/mobile apps and found out that the verifier pin is not necessary. Once the the request token is authorized, I am able to exchange it for an access token without providing the pin code.
Is this the official expected behavior? I couldn't find any info on OOB in the API documentation. It is just barely mentioned and the link for more info doesn't work. Is there any documented behavior regarding the verifier pin and whether requiring the user to enter the pin is recommended or required? Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk