The problem I’m having is not authenticating on each platform and individual device, but securely authenticating the mobile device with our server. I want the user to sign in to our web platform via Twitter’s OAuth, and then add data. I then want the user to sign in via a mobile device application, and be able to pull the data associated with their account on our platform.
Is it possible to securely authenticate the user with our server by matching OAuth Tokens between the one stored on our server and the one stored on the mobile device? Are OAuth tokens different between different devices of the same user? If they are the same, then I can match them and assume that the user is authenticated and can access his/her data on our server. If I’m not mistaken, this would require Reverse Auth in order to gain access to the OAuth tokens.
In short, I don’t want to use in-house authentication, and instead want to rely on Twitter’s OAuth. What properties of Twitter should I use to authenticate the user on the mobile device with our web based platform?