Authentication problems. JS only


#1

I created a new application using only js, got access token and access token secret. As I understand it, having these keys I can skip requests “https://api.twitter.com/oauth/request_token” and “https://api.twitter.com/oauth/authorize” and go directly to the “https://api.twitter.com/oauth/access_token”. Am I right? Do I need to encode the keys, and if so, how? How to make a correct “https://api.twitter.com/oauth/access_token” request? After reading the documentation I could not understand.

PS: Sorry for my bad English :slight_smile:


#2

OAuth 1.0A cannot be performed securely in a client-side Javascript-only environment. You should use server-side code and a well-known OAuth 1.0A library to work with OAuth.