[BUG] Permissions set incorrectly when creating a new twitter app

api

#1

Hi,

I found a bug yesterday on apps.twitter.com.

Steps to reproduce:

  1. Go to apps.twitter.com
  2. Create a new twitter app, I didn’t check the box for needing email permissions.
  3. In the app’s settings page, the permissions tab shows the current app permission as “Read & Write”. This is a good default to have.
  4. Go to the /oauth/authorize endpoint after the usual oauth negotiations, which takes a user to a “authorize this app” page

Expected behavior:
The page asks the user for read and write permissions.

Actual behavior:
The page asks the user for read permissions.

Workaround:

  1. Go to the app’s settings page, permissions tab, and change the permissions to one of the other two options (read, or read+write+dm) and click apply.
  2. Change it back to read+write and click apply.
  3. Now the expected behavior is seen.