Avoid asking user for authorization every time



Following the docs, I have checked the option
"Allow this application to be used to Sign in with Twitter"

as well as using the /authenticate endpoint instead of /authorize

From what I read
"This method differs from GET oauth / authorize in that if the user has already granted the application permission, the redirect will occur without the user having to re-approve the application. To realize this behavior, you must enable the Use Sign in with Twitter setting on your application record."

this should be enough so that the users don’t have to authorize the app every time but that’s not the case.

I noticed this behaviour since 3 months or so, any idea what is wrong or what have changed ?


This relates to this announcement of a change made in September. The documentation will be updated when the new behaviour has been settled.


Perfect, thanks a lot !


New behaviour ?!

Does this means that the whole 3-leg dance(authorize/authenticate) is going to be deprecated? My guess is not, because that would break a lot of stuff. I’m writing 3-leg OAuth lib in javascript for quite a wile now. Any info in that regard? Thx.